Symptoms: VLAN Trunk Mistag

• A new VMware ESXi host (esxi-node-07) was added to the cluster and connected to switch sw-dist-02 via a trunk port.
• VMs on VLAN 100 (management, 10.50.100.0/24) and VLAN 200 (production, 10.50.200.0/24) work fine.
• VMs placed on VLAN 350 (database, 10.50.350.0/24) cannot reach anything outside the ESXi host -- no gateway, no other hosts on VLAN 350.
• VMs on VLAN 350 on other ESXi hosts (connected to other switches) work without issues.
• The network team says the trunk port is configured correctly.
• Pinging the VLAN 350 gateway (10.50.350.1) from affected VMs fails.
• A tcpdump on the ESXi vmnic shows 802.1Q tagged frames with VLAN 350 leaving the host.
• The problem only affects VLAN 350; VLANs 100 and 200 are unaffected.