vsicm51 m05 networking

© 2012 VMware Inc. All rights reserved

Configuring and Managing Virtual Networks

Module 5

5-2


VMware vSphere: Install, Configure, Manage – Revision A

Course Introduction

Introduction to Virtualization

Creating Virtual Machines

VMware vCenter Server

Configuring and Managing Virtual Networks

Configuring and Managing vSphere Storage

Virtual Machine Management

Data Protection

Access and Authentication Control

Resource Management and Monitoring

High Availability and Fault Tolerance

Host Scalability

Patch Management

Installing VMware vSphere Components

You Are Here

5-3



VMware vSphere® ESXi™ networking features allow the following:

Virtual machines to communicate with other virtual and physical machines

Management of the ESXi host

The VMkernel to access IP-based storage and perform VMware vSphere® vMotion® migrations

Failure to properly configure ESXi networking can negatively affect

virtual machine management and storage operations.

Importance

5-4



Lesson 1: Introduction to vNetwork Standard Switches

Lesson 2: Configuring Standard Virtual Switch Policies

Module Lessons

5-5



Lesson 1:

Introduction to vNetwork Standard

Switches

5-6



After this lesson, you should be able to do the following:

Define a virtual network.

Describe a virtual switch.

Describe the virtual switch connection types.

Describe the components of a vNetwork standard switch.

Create a vNetwork standard switch.

Learner Objectives

5-7



A virtual network provides networking for hosts and virtual machines.

A virtual switch:

Directs network traffic between virtual machines and links to external networks.

Combines the bandwidth of multiple network adapters and balances traffic among them. It can also handle physical network interface card (NIC) failover.

Models a physical Ethernet switch:

• A virtual machine’s NIC can connect to a port.

• Each uplink adapter uses one port.

What Is a Virtual Network? What Is a Virtual Switch?

Physical NIC

Virtual

NIC Virtual

NIC

Virtual

NIC

vmnic0 vmnic1

5-8



A virtual switch allows the following connection types:

One or more virtual machine port groups

VMkernel port:

• For IP storage, vMotion migration, VMware vSphere® Fault Tolerance

• For the ESXi management network

Types of Virtual Switch Connections

Production Test Dev DMZ vMotion Management

5-9



More than one network can coexist on the same virtual switch, or

networks can exist on separate virtual switches.

Virtual Switch Connection Examples

5-10



A virtual network supports two types of virtual switches:

vNetwork standard switches:

• Virtual switch configuration for a single host

• Discussed in this module

vNetwork distributed switches:

• Virtual switches that provide a consistent network configuration for virtual machines as they migrate across multiple hosts

Types of Virtual Switches

5-11



Standard Virtual Switch Components

5-12



Default Standard Virtual Switch Configuration

Display standard

virtual switches.

Delete the

virtual switch. Display virtual

switch properties.

Display port group

properties.

Display Cisco

Discovery Protocol

information.

Enable IPv6 on

ESXi host.

5-13



You can change the number of ports on a standard virtual switch.

Standard Virtual Switch Ports

5-14



For each physical adapter, speed and duplex can be changed.

You might need to set the speed and duplex for certain NIC and

switch combinations.

Network Adapter Properties

5-15



ESXi supports 802.1Q VLAN tagging.

Virtual switch tagging is one of three

tagging policies supported.

Packets from a virtual machine are tagged as they exit the virtual switch.

Packets are untagged as they return to the virtual machine.

Affect on performance is minimal.

ESXi provides VLAN support by

giving a port group a VLAN ID.

VLANs

5-16



Discuss VMware vSphere® networking needs with your network

administration team. Discuss the following issues:

Number of physical switches

Network bandwidth required

Physical switch support for 802.3AD (for NIC teaming)

Physical switch support for 802.1Q (for VLAN trunking)

Network port security

Cisco Discovery Protocol (CDP) and its operational modes: listen, broadcast, listen and broadcast, and disabled.

Physical Network Considerations

5-17



In this lab, you will create a standard virtual switch and port group.

1. View the current standard virtual switch configuration.

2. Create a standard virtual switch with a virtual machine port group.

3. Attach your virtual machine to a virtual switch port group.

Lab 5

5-18



You should be able to do the following:

Define a virtual network.

Describe a virtual switch.

Describe the virtual switch connection types.

Describe the components of a vNetwork standard switch.

Create a vNetwork standard switch.

Review of Learner Objectives

5-19



Lesson 2:

Configuring Standard Virtual Switch

Policies

5-20



After this lesson, you should be able to describe the security

properties of a standard virtual switch port group:

Security

Traffic shaping

NIC teaming policies

Learner Objectives

5-21



Three network policies:

Security

Traffic shaping

NIC teaming

Policies are defined:

At the standard virtual switch level:

• Default policies for all the ports on the standard virtual switch

At the port or port group level:

• Effective policies: Policies defined at this level override the default policies set at the standard virtual switch level.

Network Policies

5-22



Administrators can configure layer 2 Ethernet security options at the

standard virtual switch and at the port groups.

Security Policy

5-23



Network traffic shaping is a mechanism for controlling a virtual

machine’s network bandwidth.

Average rate, peak rate, and burst size are configurable.

Traffic-Shaping Policy

5-24



Traffic shaping is

disabled by default.

Parameters apply to

each virtual NIC in

the standard virtual

switch.

On a standard

switch, traffic

shaping controls

outbound traffic

only.

Configuring Traffic Shaping

5-25



NIC Teaming

settings:

Load Balancing (outbound only)

Network Failure Detection

Notify Switches

Failback

Failover Order

NIC Teaming Policy

5-26



Load-Balancing Method: Originating Virtual Port ID

virtual

NICs

physical

NICs

virtual

switch physical

switch

5-27



Load-Balancing Method: Source MAC Hash

virtual

NICs

physical

NICs

virtual

switch

Internet

physical

switch

5-28



Load-Balancing Method: IP-Hash

virtual

NICs

physical

NICs

virtual

switch

Internet

physical

switch

5-29



Network failure is detected by the

VMkernel, which monitors:

Link state only

Link state, plus beaconing

Switches can be notified whenever:

A failover event occurs

A new virtual NIC is connected to the virtual switch

Failover implemented by the VMkernel

based on configurable parameters:

Failback:

• How physical adapter is returned to active duty after recovering from failure

Load-balancing option:

• Use explicit failover order. Always use the highest order uplink from the list of active adapters that pass failover detection criteria.

Detecting and Handling Network Failure

5-30



You should be able to describe the security properties of a standard

virtual switch port group:

Security

Traffic shaping

NIC teaming policies

Review of Learner Objectives

5-31



There are two connection types on a virtual switch: virtual machine and VMkernel.

A standard virtual switch is a virtual switch configuration for a single host.

Network policies set at the standard virtual switch level can be overridden at the port group level.

Questions?

Key Points

vsicm51 m05 networking

Documents

rights reserved vmware

virtual machines nic

vmware vsphere components

virtual networks module

separate virtual switches

vmware vsphere fault

physical machines management

physical ethernet switch