Two vSwitch portgroup-related questions:
- Can you configure the same VLAN on two portgroups in the same vSwitch? How about vDS?
- Can VMs attached to two different portgroups in the same ESX host talk to each other directly or do they have to go communicate through an external switch (or L3 device)?
- Yes & Yes.
- The VMs can communicate directly, as long as the portgroups belong to the same VLAN (or have no VLAN information).
Somehow I always assumed portgroups were security-related objects (because you can configure VLANs on them), whereas in fact they’re just configuration templates. Configuring a VLAN on a portgroup has exactly the same consequences as configuring switchport mode access and switchport access vlan X on a Catalyst switch.
Looking at the questions from the “portgroups are configuration templates” perspective, the vSwitch/vDS behavior makes perfect sense – there is no reason the same VLAN could not be configured in two templates, and the VMs attached to the same VLAN (although using different configuration templates) can communicate directly.