Configuring and Managing Virtual Networks

Module 5

2012 VMware Inc. All rights reserved

You Are Here

Course Introduction

Data Protection

Introduction to Virtualization

Access and Authentication Control

Creating Virtual Machines

Resource Management and Monitoring

VMware vCenter Server

High Availability and Fault Tolerance

Configuring and Managing Virtual Networks

Host Scalability

Configuring and Managing vSphere Storage

Patch Management

Virtual Machine Management

Installing VMware vSphere Components

VMware vSphere: Install, Configure, Manage Revision A

5-2
2012 VMware Inc. All rights reserved

Importance
VMware vSphere ESXi networking features allow the following:
Virtual machines to communicate with other virtual and physical
machines
Management of the ESXi host
The VMkernel to access IP-based storage and perform VMware
vSphere vMotion migrations
Failure to properly configure ESXi networking can negatively affect
virtual machine management and storage operations.

VMware vSphere: Install, Configure, Manage Revision A

5-3
2012 VMware Inc. All rights reserved

Module Lessons

Lesson 1:

Introduction to vNetwork Standard Switches

Lesson 2:

Configuring Standard Virtual Switch Policies

VMware vSphere: Install, Configure, Manage Revision A

5-4
2012 VMware Inc. All rights reserved

Lesson 1:
Introduction to vNetwork Standard
Switches

VMware vSphere: Install, Configure, Manage Revision A

5-5
2012 VMware Inc. All rights reserved

Learner Objectives

After this lesson, you should be able to do the following:

Define a virtual network.
Describe a virtual switch.
Describe the virtual switch connection types.
Describe the components of a vNetwork standard switch.
Create a vNetwork standard switch.

VMware vSphere: Install, Configure, Manage Revision A

5-6
2012 VMware Inc. All rights reserved

What Is a Virtual Network? What Is a Virtual Switch?

A virtual network provides networking for hosts and

virtual machines.
A virtual switch:

Directs network traffic

between virtual machines
and links to external
networks.
Combines the bandwidth of
multiple network adapters
and balances traffic among
them. It can also handle
physical network interface card (NIC)
failover.
Models a physical Ethernet switch:

Virtual
NIC

Virtual
NIC

Virtual
NIC

Physical NIC
vmnic0

vmnic1

A virtual machines NIC can connect to a port.

Each uplink adapter uses one port.

VMware vSphere: Install, Configure, Manage Revision A

5-7
2012 VMware Inc. All rights reserved

Types of Virtual Switch Connections

A virtual switch allows the following connection types:

One or more virtual machine port groups
VMkernel port:

For IP storage, vMotion migration, VMware vSphere Fault Tolerance

For the ESXi management network

Production

Test Dev

VMware vSphere: Install, Configure, Manage Revision A

DMZ

vMotion Management

5-8
2012 VMware Inc. All rights reserved

Virtual Switch Connection Examples

More than one network can coexist on the same virtual switch, or
networks can exist on separate virtual switches.

VMware vSphere: Install, Configure, Manage Revision A

5-9
2012 VMware Inc. All rights reserved

Types of Virtual Switches

A virtual network supports two types of virtual switches:

vNetwork standard switches:

Virtual switch configuration for a single host

Discussed in this module

vNetwork distributed switches:

Virtual switches that provide a consistent network configuration for virtual

machines as they migrate across multiple hosts

VMware vSphere: Install, Configure, Manage Revision A

5-10
2012 VMware Inc. All rights reserved

Standard Virtual Switch Components

VMware vSphere: Install, Configure, Manage Revision A

5-11
2012 VMware Inc. All rights reserved

Default Standard Virtual Switch Configuration

Display standard
virtual switches.

Enable IPv6 on
ESXi host.

Delete the
virtual switch.

Display virtual
switch properties.

Display Cisco
Discovery Protocol
information.

Display port group

properties.

VMware vSphere: Install, Configure, Manage Revision A

5-12
2012 VMware Inc. All rights reserved

Standard Virtual Switch Ports

You can change the number of ports on a standard virtual switch.

VMware vSphere: Install, Configure, Manage Revision A

5-13
2012 VMware Inc. All rights reserved

Network Adapter Properties

For each physical adapter, speed and duplex can be changed.

You might need to set the speed and duplex for certain NIC and
switch combinations.

VMware vSphere: Install, Configure, Manage Revision A

5-14
2012 VMware Inc. All rights reserved

VLANs

ESXi supports 802.1Q VLAN tagging.

Virtual switch tagging is one of three
tagging policies supported.
Packets from a virtual machine are
tagged as they exit the virtual switch.
Packets are untagged as they return
to the virtual machine.
Affect on performance is minimal.

ESXi provides VLAN support by

giving a port group a VLAN ID.

VMware vSphere: Install, Configure, Manage Revision A

5-15
2012 VMware Inc. All rights reserved

Physical Network Considerations

Discuss VMware vSphere networking needs with your network

administration team. Discuss the following issues:
Number of physical switches
Network bandwidth required
Physical switch support for 802.3AD (for NIC teaming)
Physical switch support for 802.1Q (for VLAN trunking)
Network port security
Cisco Discovery Protocol (CDP) and its operational modes: listen,
broadcast, listen and broadcast, and disabled.

VMware vSphere: Install, Configure, Manage Revision A

5-16
2012 VMware Inc. All rights reserved

Lab 5

In this lab, you will create a standard virtual switch and port group.
1. View the current standard virtual switch configuration.
2. Create a standard virtual switch with a virtual machine port group.
3. Attach your virtual machine to a virtual switch port group.

VMware vSphere: Install, Configure, Manage Revision A

5-17
2012 VMware Inc. All rights reserved

Review of Learner Objectives

You should be able to do the following:

Define a virtual network.
Describe a virtual switch.
Describe the virtual switch connection types.
Describe the components of a vNetwork standard switch.
Create a vNetwork standard switch.

VMware vSphere: Install, Configure, Manage Revision A

5-18
2012 VMware Inc. All rights reserved

Lesson 2:
Configuring Standard Virtual Switch
Policies

VMware vSphere: Install, Configure, Manage Revision A

5-19
2012 VMware Inc. All rights reserved

Learner Objectives

After this lesson, you should be able to describe the security

properties of a standard virtual switch port group:
Security
Traffic shaping
NIC teaming policies

VMware vSphere: Install, Configure, Manage Revision A

5-20
2012 VMware Inc. All rights reserved

Network Policies

Three network policies:

Security
Traffic shaping
NIC teaming
Policies are defined:
At the standard virtual switch level:

Default policies for all the ports on the standard virtual switch

At the port or port group level:

Effective policies: Policies defined at this level override the default policies
set at the standard virtual switch level.

VMware vSphere: Install, Configure, Manage Revision A

5-21
2012 VMware Inc. All rights reserved

Security Policy

Administrators can configure layer 2 Ethernet security options at the

standard virtual switch and at the port groups.

VMware vSphere: Install, Configure, Manage Revision A

5-22
2012 VMware Inc. All rights reserved

Traffic-Shaping Policy

Network traffic shaping is a mechanism for controlling a virtual

machines network bandwidth.
Average rate, peak rate, and burst size are configurable.

VMware vSphere: Install, Configure, Manage Revision A

5-23
2012 VMware Inc. All rights reserved

Configuring Traffic Shaping

Traffic shaping is
disabled by default.
Parameters apply to
each virtual NIC in
the standard virtual
switch.
On a standard
switch, traffic
shaping controls
outbound traffic
only.

VMware vSphere: Install, Configure, Manage Revision A

5-24
2012 VMware Inc. All rights reserved

NIC Teaming Policy

NIC Teaming
settings:
Load Balancing
(outbound only)
Network Failure
Detection
Notify Switches
Failback
Failover Order

VMware vSphere: Install, Configure, Manage Revision A

5-25
2012 VMware Inc. All rights reserved

Load-Balancing Method: Originating Virtual Port ID

virtual
switch

virtual
NICs
VMware vSphere: Install, Configure, Manage Revision A

physical
switch

physical
NICs
5-26
2012 VMware Inc. All rights reserved

Load-Balancing Method: Source MAC Hash

Internet

physical
switch

virtual
switch

virtual
NICs

physical
NICs

VMware vSphere: Install, Configure, Manage Revision A

5-27
2012 VMware Inc. All rights reserved

Load-Balancing Method: IP-Hash

Internet

physical
switch

virtual
switch

virtual
NICs

physical
NICs

VMware vSphere: Install, Configure, Manage Revision A

5-28
2012 VMware Inc. All rights reserved

Detecting and Handling Network Failure

Network failure is detected by the

VMkernel, which monitors:
Link state only
Link state, plus beaconing
Switches can be notified whenever:
A failover event occurs
A new virtual NIC is connected to
the virtual switch
Failover implemented by the VMkernel
based on configurable parameters:
Failback:

How physical adapter is returned to active duty after recovering from failure

Load-balancing option:

Use explicit failover order. Always use the highest order uplink from the list
of active adapters that pass failover detection criteria.

VMware vSphere: Install, Configure, Manage Revision A

5-29
2012 VMware Inc. All rights reserved

Review of Learner Objectives

You should be able to describe the security properties of a standard

virtual switch port group:
Security
Traffic shaping
NIC teaming policies

VMware vSphere: Install, Configure, Manage Revision A

5-30
2012 VMware Inc. All rights reserved

Key Points

There are two connection types on a virtual switch: virtual machine and
VMkernel.
A standard virtual switch is a virtual switch configuration for a single
host.
Network policies set at the standard virtual switch level can be
overridden at the port group level.

Questions?

VMware vSphere: Install, Configure, Manage Revision A

5-31
2012 VMware Inc. All rights reserved