Networking

Change ESXi Management IP Address and VLAN on vSphere Distributed Switches VDS

Change ESXi Management IP Address and VLAN on vSphere Distributed Switches VDS. How to overcome VDS challenges changing IP and VLAN

As I have posted the last few days, I have been undertaking some home lab network redesign and moving a few things around. This includes carving out a proper management network for my vSphere environment. When you are moving IP addresses and VLANs around, it can get a bit trickier when it comes to vSphere Distributed Switches (vDS). Since these are tied to vCenter, you can’t just go in and log in to DCUI and change what you want. You have to move things around methodically. I want to detail how you can change ESXi IP management address and VLAN on vSphere Distributed Switches VDS and see how this can be done.

Challenges in making changes with vSphere Distributed Switches

So, I mentioned you can’t log in and make simple changes when your ESXi host is running on a vSphere Distributed Switch. The configuration data is synchronized with vCenter Server. So, changes should come from the vCenter side. Bad things can happen if you approach VDS from the ESXi host itself. In fact, you will notice if you login to the DCUI on an ESXi host with management running on a vSphere Distributed Switch, the Network Adapters and VLAN configuration menus are greyed out.

This presents a challenge. What if you need to change BOTH the IP address AND the VLAN? You are in a catch 22 when changing both as you will lose connectivity on one or the other since you will be changing both the address space and VLAN layer 2 config. If you only need to change the IP address, you can do this from the DCUI, but you can’t change the VLAN. This is because the VLAN configuration resides on the VDS distributed port group.

Network adapters and VLAN configuration options are greyed out
Network adapters and VLAN configuration options are greyed out

Change ESXi Management IP Address and VLAN on vSphere Distributed Switches VDS

To change both the VLAN and management IP of an ESXi host that is running a vSphere switch, you need to temporarily use a vSphere Standard Switch. If you don’t already have a VSS configured, what I like to do is peel off a single network adapter from say a vMotion network, or one of your network adapters backing one of your switches.

Once you have a temporary (or permanent) VSS configured, we will play the shell game of moving the management VMkernel port to the VSS, which will allow us to then use the DCUI to change both the VLAN and IP address. Once we have these changed, you can then migrate the management adapter back over to your vSphere Distributed Switch after the changes are made.

Keep in mind, you need to think about your switch ports backing both your VSS and your VDS to ensure these are configured with the VLANs needed to carry the traffic.

1. Create your vSphere Standard Switch (VSS) if you don’t have one

I think it is a great idea to have a VSS created on all your ESXi hosts when you are running VDS. It can definitely come in handy when you have something bad happen with VDS. You can get in a situation where a host is on an island of its own and it can be a saving grace to have a VSS already configured to move a VMkernel adapter over to get back up and running.

Below I am using the vSwitch0 VSS. I have moved a simple 1 GB connection over to back the VSS. Note I have a port group with the VLAN configured just to make sure I have the right VLANs working. However, the migration process will create an additional port group of your choosing when you migrate.

Create a vSphere Standard Switch VSS
Create a vSphere Standard Switch VSS

2. Migrate the VMkernel adapter from the VDS to the VSS

Migrate your VMkernel adapter from the vSphere Distributed Switch port group to a vSphere Standard Switch port group
Migrate your VMkernel adapter from the vSphere Distributed Switch port group to a vSphere Standard Switch port group

Name the Network label (port group) and make sure to set the correct VLAN.

Name your port group and make sure you have the correct VLAN configured
Name your port group and make sure you have the correct VLAN configured

Review the configuration and click Finish to begin the migration.

Complete the migration wizard from VDS to VSS for your management IP address
Complete the migration wizard from VDS to VSS for your management IP address

If everything has been configured correctly on the switch backing the VDS and the VSS, you most likely won’t even see one dropped packet.

No dropped packets to the management IP address
No dropped packets to the management IP address

3. Change the management IP address and VLAN from the DCUI

Now that you have the management IP and VLAN on a vSphere Distributed Switch, you can change these from the DCUI. Below, I have the old IP that I will be changing from.

Viewing the old IP address to change to the new IP address
Viewing the old IP address to change to the new IP address

The new IP address has been assigned.

Changing to the new IP address
Changing to the new IP address

The new VLAN has been configured.

Changing to the new VLAN
Changing to the new VLAN

Restart the management network.

Restart the management network
Restart the management network

Once you restart the management network, the management network changes will be live for your ESXi host. It is a good sanity check to make sure you can ping, etc.

4. Migrate the management IP address and VLAN from the VSS back to the VDS

Now that we have the management IP address and VLAN changed on the VSS, we can migrate the VMkernel port back over to the VDS. Make sure you have the corresponding distributed port group configured on your vSphere Distributed Switch.

***Note*** If you had your ESXi host added to vCenter inventory by the IP address, you will need to re-add the host by the new IP address or DNS name. This also means you will need to add the host back to the vSphere Distributed Switch. If you are going through that process, you can simply assign the VMkernel port during the addition back to the VDS.

Migrate the Management VMkernel IP address from the VSS to the VDS
Migrate the Management VMkernel IP address from the VSS to the VDS

Wrapping up

Hopefully, this explanation of how to change ESXi management IP Address and VLAN on vSphere Distributed Switches VDS helps to give an overview of the process required to gracefully change both your VLAN and IP address at the same time when running on a vSphere Distributed Switch.

Learn more about vSphere networking here:

Subscribe to VirtualizationHowto via Email ๐Ÿ””

Enter your email address to subscribe to this blog and receive notifications of new posts by email.



Brandon Lee

Brandon Lee is the Senior Writer, Engineer and owner at Virtualizationhowto.com, and a 7-time VMware vExpert, with over two decades of experience in Information Technology. Having worked for numerous Fortune 500 companies as well as in various industries, He has extensive experience in various IT segments and is a strong advocate for open source technologies. Brandon holds many industry certifications, loves the outdoors and spending time with family. Also, he goes through the effort of testing and troubleshooting issues, so you don't have to.

Related Articles

10 Comments

  1. This is great stuff…
    But you did not mention the reconnection to VC after changing the IP address part.
    After changing the IP address the connection to VC drops.
    You need first to “right click, disconnect” the host, change the host’s DNS, flushdns on the VC and only then change the ip address of the host. Then you should be able to reconnect it.

  2. I’m wondering if we could streamline this by just doing the following:

    1) place host into MM
    2) remove host form vcenter
    3) from DCUI go to Network Restore Options>Restore Standard vSwitch
    4) Make the necessary IP and VLAN changes
    5) change the DNS entry
    6) add host to vcenter
    7) Add host to VDS, migrate the uplinks and vmkernal ports to dv Portgroups
    8) exit out of MM

    I assume since we are in MM then having an outage on the host would be OK and we wouldn’t need to ensure connectivity 100%

  3. is it possible to use esxcli to attach the host to new VLAN add new IP , mask gateway and new DNS in one command from the console ?

    1. Ezzeddine,

      Thank you for the comment! I believe this is possible. I will need to do some testing on stringing the commands together and DNS configuration. Also, I will create a more detailed topic in the Forums under vSphere help. Be sure to sign up on the forums and I can give you some more detailed help.

      Brandon

  4. Also could we use two VMkernels for the management trafic , i mean we create a new one and we attach it to the a new portgroup attached to the VDs , and here the traffic can be on two VLANs differents is this possible , ? if no what are the issues ?

  5. Thanks Brandon ,
    Here my concern to use two VMkernel for the management is for a future migration , i ‘m thinking on that scenario to avoid any interruption of the existent one .
    here by creating a new VMkernel and we attach it to the portgroup and to the existing VDS we have no need to use any free vmnicx.
    this procedure can replace your ? if yes what about the DCUI ? what will be it IP address ?

    regards .

  6. the subject is to migrate the managment network to a new one ( new subnet , mask, GW and VLAN) so i preferred this method to avoid any production interruption during the migration .
    in that case the new mgmt traffic will be on the new VLan and the old one on the old VLan.
    is this also a good solution for a migration ? this procedure can replace your procedure by using a VSS to migrate twice the old VMkernel ?
    And what about the DCUI how could we connect to it since we have two management VMKERNEL ?

    regards

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.