| Hyper-V Trunking [message #139276] |
Mon, 09 April 2018 04:37  |
mattyoder7
Messages: 1
Registered: April 2018
|
|
|
|
Hey Guys,
I've been trying my heart out to get multiple VLANs trunked to ONE instance of Kerio Control configured on a Hyper-V host. I think I've got the config correct on the Hyper-V side - using Powershell to configure trunking through one physical NIC and then assigning it to my Kerio VM. But, it just does not want to talk.
Does this have anything to do with the fact that you have to assign a static MAC address to the Network Adapter in the Kerio VM Settings? If that's the case, then the VM wouldn't allow multiple MACs for different VLAN interfaces through one NIC, which would make communication impossible.
If someone can please give me an answer, that would be greatly appreciated. It's mostly for my sanity, but also for a customer I had who tried to configure it this way, and we ended up installing multiple instances of the Kerio VM and assigning each to their own virtual switch/VLAN. It would be nicer to have one instance of Kerio and trunk all the VLANs through one NIC.
Thanks!
Matt
|
|
|
|
| Re: Hyper-V Trunking [message #139303 is a reply to message #139276] |
Mon, 09 April 2018 19:10  |
jbhur
Messages: 6
Registered: October 2015
|
|
|
|
I, too, run Kerio Control within a Hyper-V virtual machine and I'm using multiple VLANs to communicate between it and another Hyper-V VM running a different software router/firewall with features not available in Kerio. In my case, the VLAN adapters are configured on a private virtual switch, whereas in your case, they would be configured on an external virtual switch.
In my Hyper-V configuration, I created a private virtual switch called VLANTrunk. I assigned that switch as adapters in both the Kerio and other router/firewall VMs. The adapters are configured with static MAC addresses and MAC address spoofing enabled.
For each VM I ran the following Powershell commandlet:
Set-VMNetworkAdapterVlan -VMname $VMName -VMNetworkAdapterName $VMNetworkAdapterName -Trunk -AllowedVlanIdList "vlan number" -NativeVlanId "vlan ID"
So, for the Kerio VM (named "Kerio"), the above looked like this:
Set-VMNetworkAdapterVlan -VMname Kerio -VMNetworkAdapterName VLANTrunk -Trunk -AllowedVlanIdList 100-199 -NativeVlanId 10
This allows up to 100 VLANs (numbered 100 to 199) to be defined within the VM. (NativeVlanID of "10" was arbitrarily chosen).
I checked the VLAN assignment with:
get-vmnetworkadapterVlan -vmname Kerio
Within Kerio, I created multiple VLAN adapters using adapter VLANTrunk as the parent. Though they all have the same MAC address, there's no conflict because they operate on different, segregated networks. I had no need to override any MAC address as is allowed in Kerio's advanced adapter configuration.
Is there any equipment (eg. switch) in the traffic stream that is not 802.1Q VLAN tagging compliant?
|
|
|
|
Members
Search
Help
Register
Login
Home
