You can configure VLANs in ESXi using three methods:

External Switch Tagging (EST),

-Physical switch does the tagging
-Host NIC connects to access port of the physical switch
-VLAN should be set to 0 on Virtual switch
Virtual Switch Tagging (VST)
- VLAN tagging of packets is performed by the virtual switch before leaving the
host.
- Host network adapters must be connected to trunk ports on the physical switch.
- Port groups that are connected to the virtual switch must have a VLAN ID betwe
en 1 and 4094.
Virtual Guest Tagging (VGT).(When using VGT, you must have an 802.1Q VLAN trunki
ng driver installed on the virtual machine )
- VLAN tagging is done by the virtual machine.
- VLAN tags are preserved between the virtual machine networking stack and exter
nal switch when frames pass to and from virtual switches.
- Host network adapters must be connected to trunk ports on the physical switch.
- For a standard switch the VLAN ID of port groups with VGT must be set to 4095.
- For a distributed switch the VLAN trunking policy must include the range of th
e VLANs to which virtual machines are connected.
# PortGroup
-You can add or modify a virtual machine port group to set up traffic management
on a set of virtual machines
-It specifies port configuration options such as bandwidth limitations and VLAN
tagging policies for each member port.
- Network services connect to standard switches through port groups.
- Port groups define how a connection is made through the switch to the network.
- Typically, a single standard switch is associated with one or more port groups
# Vswitches basically performs two functions
- enables communication betwen VM and physical network and between VM to VM
- Enables communication of VMkernel services like NFS ISCSI VMOTION to physical
network
VSS vs VDS
- Uplink groups are different in VSS as opposed to VDS
- in VDS all the nics are grouped into a single uplink group
- Allows to set NIOC , port mirroring (span or erspan) , Netflow
- Private VLAN (vlan within VLAN) just like DMZ (Layer 2 filtering)
- ingress and egress trafic shaping
- SNMP support
- vDS architecture
1. Control plane ( mgmt plane)
Resposible for config mgmt
2. Data plane ( IO plane )
Responsible for data flow .. in and out of each host.
- CDP - cisco discovery protocol
- LLDP - VDS uses this too ( link layer discover protocol .. with HP/juniper swi
tch )

- Disbale STP and enable portfast

When you enable PortFast on the switch, spanning tree places ports in the forwar
ding state immediately, instead of going through the listening, learning, and fo
rwarding states. By default, spanning tree sends BPDUs from all ports regardless
of whether PortFast is enabled.
# Private VLAN