As I have posted the last few days, I have been undertaking some home lab network redesign and moving a few things around. This includes carving out a proper management network for my vSphere environment. When you are moving IP addresses and VLANs around, it can get a bit trickier when it comes to vSphere Distributed Switches (vDS). Since these are tied to vCenter, you can’t just go in and log in to DCUI and change what you want. You have to move things around methodically. I want to detail how you can change ESXi IP management address and VLAN on vSphere Distributed Switches VDS and see how this can be done.
Challenges in making changes with vSphere Distributed Switches
So, I mentioned you can’t log in and make simple changes when your ESXi host is running on a vSphere Distributed Switch. The configuration data is synchronized with vCenter Server. So, changes should come from the vCenter side. Bad things can happen if you approach VDS from the ESXi host itself. In fact, you will notice if you login to the DCUI on an ESXi host with management running on a vSphere Distributed Switch, the Network Adapters and VLAN configuration menus are greyed out.
This presents a challenge. What if you need to change BOTH the IP address AND the VLAN? You are in a catch 22 when changing both as you will lose connectivity on one or the other since you will be changing both the address space and VLAN layer 2 config. If you only need to change the IP address, you can do this from the DCUI, but you can’t change the VLAN. This is because the VLAN configuration resides on the VDS distributed port group.
Change ESXi Management IP Address and VLAN on vSphere Distributed Switches VDS
To change both the VLAN and management IP of an ESXi host that is running a vSphere switch, you need to temporarily use a vSphere Standard Switch. If you don’t already have a VSS configured, what I like to do is peel off a single network adapter from say a vMotion network, or one of your network adapters backing one of your switches.
Once you have a temporary (or permanent) VSS configured, we will play the shell game of moving the management VMkernel port to the VSS, which will allow us to then use the DCUI to change both the VLAN and IP address. Once we have these changed, you can then migrate the management adapter back over to your vSphere Distributed Switch after the changes are made.
Keep in mind, you need to think about your switch ports backing both your VSS and your VDS to ensure these are configured with the VLANs needed to carry the traffic.
1. Create your vSphere Standard Switch (VSS) if you don’t have one
I think it is a great idea to have a VSS created on all your ESXi hosts when you are running VDS. It can definitely come in handy when you have something bad happen with VDS. You can get in a situation where a host is on an island of its own and it can be a saving grace to have a VSS already configured to move a VMkernel adapter over to get back up and running.
Below I am using the vSwitch0 VSS. I have moved a simple 1 GB connection over to back the VSS. Note I have a port group with the VLAN configured just to make sure I have the right VLANs working. However, the migration process will create an additional port group of your choosing when you migrate.
2. Migrate the VMkernel adapter from the VDS to the VSS
Name the Network label (port group) and make sure to set the correct VLAN.
Review the configuration and click Finish to begin the migration.
If everything has been configured correctly on the switch backing the VDS and the VSS, you most likely won’t even see one dropped packet.
3. Change the management IP address and VLAN from the DCUI
Now that you have the management IP and VLAN on a vSphere Distributed Switch, you can change these from the DCUI. Below, I have the old IP that I will be changing from.
The new IP address has been assigned.
The new VLAN has been configured.
Restart the management network.
Once you restart the management network, the management network changes will be live for your ESXi host. It is a good sanity check to make sure you can ping, etc.
4. Migrate the management IP address and VLAN from the VSS back to the VDS
Now that we have the management IP address and VLAN changed on the VSS, we can migrate the VMkernel port back over to the VDS. Make sure you have the corresponding distributed port group configured on your vSphere Distributed Switch.
***Note*** If you had your ESXi host added to vCenter inventory by the IP address, you will need to re-add the host by the new IP address or DNS name. This also means you will need to add the host back to the vSphere Distributed Switch. If you are going through that process, you can simply assign the VMkernel port during the addition back to the VDS.
Hopefully, this explanation of how to change ESXi management IP Address and VLAN on vSphere Distributed Switches VDS helps to give an overview of the process required to gracefully change both your VLAN and IP address at the same time when running on a vSphere Distributed Switch.
Learn more about vSphere networking here: