Configuring and Managing Virtual Networks
Module 5

© 2015 VMware Inc. All rights reserved.


You Are Here

9.

7.

Virtual Machine Management

10. Software-Defined Data Center

8.

Resource Management and Monitoring

11.

9.

vSphere HA and vSphere Fault Tolerance

Course Introduction

Creating Virtual Machines

12. vCenter Server

10. Host Scalability

13. Configuring and Managing Virtual Networks

11.

14. Configuring and Managing Virtual Storage

12. Installing vSphere Components

vSphere Update Manager and Host Maintenance

Insert Course Title Here – Prerelease
© 2015 VMware Inc. All rights reserved.

?-2


Importance
VMware ESXi™ networking features enable:

•

Virtual machines to communicate with other virtual and physical machines

•

Management of the ESXi host


•

VMkernel communication on the network

Failure to properly configure ESXi networking can negatively affect virtual machine management and storage operations.

Insert Course Title Here – Prerelease
© 2015 VMware Inc. All rights reserved.

?-3


Module Lessons
Lesson 1:

Introduction to vSphere Standard Switches

Lesson 2:

Configuring Standard Switch Policies

Lesson 3:

Introduction to vSphere Distributed Switches

Insert Course Title Here – Prerelease
© 2015 VMware Inc. All rights reserved.

?-4



Lesson 1:
Introduction to vSphere Standard Switches

?-5
© 2015 VMware Inc. All rights reserved.


Learner Objectives
By the end of this lesson, you should be able to meet the following objectives:

•

Describe the virtual switch connection types

•

Describe the components of a standard switch

Insert Course Title Here – Prerelease
© 2015 VMware Inc. All rights reserved.

?-6


Types of Virtual Switch Connections
A virtual switch has specific connection types:

ã


Virtual machine port groups

ã

VMkernel port:



For IP storage, VMware vSpheređ High Availability, VMware vSphere® vMotion® migration, VMware vSphere® Fault Tolerance, VMware Virtual
SAN™, and VMware vSphere® Replication™

–

For the ESXi management network

Virtual Machine Port Groups

Production

TestDev

VMkernel Ports

DMZ

vSphere vMotion

Management

Virtual Switch


Uplink Ports

Insert Course Title Here – Prerelease
© 2015 VMware Inc. All rights reserved.

?-7


Virtual Switch Connection Examples
More than one network can coexist on the same virtual switch. Or networks can exist on separate virtual switches.

Management

vSphere vMotion

Production

TestDev

iSCSI

Virtual Switch

Management

Virtual
Virtual Switch
Switch


vSphere vMotion

Virtual
Virtual Switch
Switch

Production

Virtual
Virtual Switch
Switch

TestDev

Virtual
Virtual Switch
Switch

Insert Course Title Here – Prerelease
© 2015 VMware Inc. All rights reserved.

iSCSI

Virtual
Virtual Switch
Switch

?-8



Types of Virtual Switches
A virtual network supports these types of virtual switches:

•

Standard switches:

–

•

Virtual switch configuration for a single host

Distributed switches:

–

Virtual switches that provide a consistent network configuration for virtual machines as they migrate across multiple hosts

Insert Course Title Here – Prerelease
© 2015 VMware Inc. All rights reserved.

?-9


Standard Switch Components
A standard switch provides connections for virtual machines to communicate with one another, whether they are on the same
host or a different host.

VM1


VNIC

VM2

VNIC

VM3

VNIC

IP

Management

storage

Network

VNIC

VMkernel
VMkernel

Test VLAN 101
Production VLAN 102
IP Storage VLAN 103
Management VLAN 104

Insert Course Title Here – Prerelease

© 2015 VMware Inc. All rights reserved.

?-10


Viewing the Standard Switch Configuration
You can view a host’s standard switch configuration by clicking Networking on the Manage tab.

Display port group properties.

Delete the port group.

Display Cisco Discovery Protocol information.

Insert Course Title Here – Prerelease
© 2015 VMware Inc. All rights reserved.

?-11


About VLANs
ESXi supports 802.1Q VLAN tagging.
VM

VM

Virtual switch tagging is one of the tagging policies supported:

•


Packets from a virtual machine are tagged as they exit the virtual
switch.

•

Packets are untagged as they return to the virtual machine.

•

Effect on performance is minimal.

VMkernel

VLAN
VLAN 105
105

VLAN
VLAN 106
106

Virtual
Virtual Switch
Switch

ESXi provides VLAN support by giving a port group a VLAN ID.
Physical NIC

Physical Switch
Trunk Port


Insert Course Title Here – Prerelease
© 2015 VMware Inc. All rights reserved.

?-12


Network Adapter Properties
A physical adapter can become a bottleneck for network traffic if the adapter speed does not match application requirements.

Insert Course Title Here – Prerelease
© 2015 VMware Inc. All rights reserved.

?-13


Review of Learner Objectives
You should be able to meet the following objectives:

•

Describe the virtual switch connection types

•

Describe the components of a standard switch

Insert Course Title Here – Prerelease
© 2015 VMware Inc. All rights reserved.


?-14


Lesson 2:
Configuring Standard Switch Policies

?-15
© 2015 VMware Inc. All rights reserved.


Learner Objectives
By the end of this lesson, you should be able to meet the following objectives:

•

Describe the security of a standard switch port group

•

Describe the traffic shaping of a standard switch port group

•

Describe the NIC teaming and failover of a standard switch port group

Insert Course Title Here – Prerelease
© 2015 VMware Inc. All rights reserved.

?-16



Network Switch and Port Policies
Policies set at the standard switch level apply to all of the port groups on the standard switch. The exceptions are the
configuration options that are overridden at the standard port group.
Available network policies:

•
•
•

Security
Traffic shaping
NIC teaming and failover

Policies are defined at these levels:

•

Standard switch level:

–

•

Default policies for all the ports on the standard switch.

Port group level:

–


Effective policies: Policies defined at this level override the default policies set at the standard switch level.

Insert Course Title Here – Prerelease
© 2015 VMware Inc. All rights reserved.

?-17


Configuring Security Policy
Administrators can define security policies at both the standard switch level and the port group level:

•

Promiscuous mode: Allows a virtual switch or port group to present all traffic regardless of the destination.

•

MAC address changes: Accept or reject inbound traffic when the MAC address has been altered by the guest.

•

Forge transmits: Accept or reject outbound traffic when the MAC address has been altered by the guest.

Insert Course Title Here – Prerelease
© 2015 VMware Inc. All rights reserved.

?-18


Traffic-Shaping Policy

Network traffic shaping is a mechanism for limiting a virtual machine’s consumption of available network bandwidth.
Average rate, peak rate, and burst size are configurable.

Outbound Bandwidth

Peak Bandwidth

Average

Time
Burst Size = Bandwidth x Time

Insert Course Title Here – Prerelease
© 2015 VMware Inc. All rights reserved.

?-19


Configuring Traffic Shaping
A traffic-shaping policy is defined by average bandwidth, peak bandwidth, and burst size. You can establish a traffic-shaping
policy for each port group and each distributed port or distributed port group:

•

Traffic shaping is disabled by default.

•

Parameters apply to each virtual NIC in the standard switch.


•

On a standard switch, traffic shaping controls only outbound traffic.

Insert Course Title Here – Prerelease
© 2015 VMware Inc. All rights reserved.

?-20


NIC Teaming and Failover Policy
Administrators can edit the NIC teaming and failover policy by configuring specific options.

Insert Course Title Here – Prerelease
© 2015 VMware Inc. All rights reserved.

?-21


Load-Balancing Method: Originating Virtual Port ID
The diagram shows routing based on the originating port ID, called virtual port ID load balancing.

Virtual
Switch
Physical
Switch

Virtual NICs

Physical NICs


Insert Course Title Here – Prerelease
© 2015 VMware Inc. All rights reserved.

?-22


Load-Balancing Method: Source MAC Hash
The diagram shows routing based on source MAC hash.

Internet

Virtual
Switch

Physical
Switch

Virtual

Physical

NICs

NICs

Insert Course Title Here – Prerelease
© 2015 VMware Inc. All rights reserved.

?-23



Load-Balancing Method: Source and Destination IP Hash
The diagram shows routing based on IP hash.

Internet

Virtual NICs

Virtual

Physical

Switch

Switch

Physical NICs

Insert Course Title Here – Prerelease
© 2015 VMware Inc. All rights reserved.

?-24


Detecting and Handling Network Failure
The VMkernel can use link status or beaconing or both to detect a network failure.
Network failure is detected by the VMkernel, which monitors the link state and performs beacon probing.
VMkernel notifies physical switches of changes in the physical location of a MAC address.
Failover is implemented by the VMkernel based on configurable parameters:


•
•

Failback: How the physical adapter is returned to active duty after recovering from failure.
Load-balancing option: Use explicit failover order. Always use the vmnic uplink at the top of the active adapter list.

Insert Course Title Here – Prerelease
© 2015 VMware Inc. All rights reserved.

?-25