Configure and Manage Virtual Networks

Module 5

2011 VMware Inc. All rights reserved

You Are Here

Course Introduction Introduction to Virtualization Virtual Machines VMware vCenter Server Configure and Manage Virtual Networks Configure and Manage Virtual Storage Managing Virtual Machines

Data Protection Access & Authentication Control Resource Management and Monitoring High Availability Scalability Patch Management Installing vSphere Components

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-2
2011 VMware Inc. All rights reserved

Importance

VMware ESXi networking features allow virtual machines to communicate with other virtual and physical machines, allow management of the ESXi host, and allow the VMkernel to access IPbased storage and perform VMware vSphere vMotion migrations. Failure to properly configure ESXi networking can negatively affect virtual machine management and storage operation.

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-3
2011 VMware Inc. All rights reserved

Module Lessons

Lesson 1: Lesson 2:

Introduction to vNetwork Standard Switches Configuring Standard Virtual Switch Policies

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-4
2011 VMware Inc. All rights reserved

Lesson 1: Introduction to vNetwork Standard Switches

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-5
2011 VMware Inc. All rights reserved

Learner Objectives

After this lesson, you should be able to do the following: Define a virtual network. Describe a virtual switch. Describe the virtual switch connection types. Describe the components of a vNetwork standard switch. Create a vNetwork standard switch.

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-6
2011 VMware Inc. All rights reserved

What Is a Virtual Network? What Is a Virtual Switch?

A virtual network provides the networking for hosts and virtual machines that use virtual switches. A virtual switch:

Directs network traffic between virtual machines and links to external networks. Combines the bandwidth of multiple network adapters and balances traffic among them. It can also handle physical network interface card (NIC) failover. Models a physical Ethernet switch:

application operating system Virtual NIC

application operating system Virtual NIC

application operating system Virtual NIC

Physical NIC

A virtual machines NIC can connect to a port. Each uplink adapter uses one port.
5-7

Physical Switch Ports

External World

VMware vSphere 5.0: Install, Configure, Manage Revision A

2011 VMware Inc. All rights reserved

Types of Virtual Switch Connections

A virtual switch allows the following connection types: VMkernel port:

For example, for IP storage or vMotion migration For the ESXi management network

One or more virtual machine port groups

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-8
2011 VMware Inc. All rights reserved

Virtual Switch Connection Examples

More than one network can coexist on the same virtual switch, or networks can exist on separate virtual switches.

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-9
2011 VMware Inc. All rights reserved

Types of Virtual Switches

A virtual network supports two types of virtual switches: vNetwork standard switches:

Virtual switch configuration for a single host Discussed in this module Virtual switches that provide a consistent network configuration for virtual machines as they migrate across multiple hosts

vNetwork distributed switches:

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-10
2011 VMware Inc. All rights reserved

Standard Virtual Switch Components

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-11
2011 VMware Inc. All rights reserved

Default Standard Virtual Switch Configuration

Display standard virtual switches.

Enable IPv6 on ESXi host.

Delete the virtual switch.

Display virtual switch properties.

Display port group properties.

Display Cisco Discovery Protocol information.

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-12
2011 VMware Inc. All rights reserved

Standard Virtual Switch Ports

You can change the number of ports on a standard virtual switch.

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-13
2011 VMware Inc. All rights reserved

Network Adapter Properties

For each physical adapter, speed and duplex can be changed. You might need to set the speed and duplex for certain NIC and switch combinations.

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-14
2011 VMware Inc. All rights reserved

VLANs
ESXi supports 802.1Q VLAN tagging. Virtual switch tagging is one of three tagging policies supported. Packets from a virtual machine are tagged as they exit the virtual switch. Packets are untagged as they return to the virtual machine. Affect on performance is minimal. ESXi provides VLAN support by giving a port group a VLAN ID

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-15
2011 VMware Inc. All rights reserved

Physical Network Considerations

Discuss VMware vSphere networking needs with your network administration team. Discuss the following issues: Number of physical switches Network bandwidth required Physical switch support for 802.3AD (for NIC teaming) Physical switch support for 802.1Q (for VLAN trunking) Network port security Cisco Discovery Protocol (CDP) and its operational modes: listen, broadcast, listen and broadcast, and disabled.

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-16
2011 VMware Inc. All rights reserved

Lab 6

In this lab, you will create a standard virtual switch and port group. 1. View the current standard virtual switch configuration. 2. Create a standard virtual switch with a virtual machine port group. 3. Attach your virtual machine to a virtual switch port group.

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-17
2011 VMware Inc. All rights reserved

Review of Learner Objectives

You should be able to do the following: Define a virtual network. Describe a virtual switch. Describe the virtual switch connection types. Describe the components of a vNetwork standard switch. Create a vNetwork standard switch.

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-18
2011 VMware Inc. All rights reserved

Lesson 2: Configuring Standard Virtual Switch Policies

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-19
2011 VMware Inc. All rights reserved

Learner Objectives

After this lesson, you should be able to do the following: Describe the security properties of a standard virtual switch port group:

VLANs Security, traffic-shaping, and NIC teaming policies

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-20
2011 VMware Inc. All rights reserved

Network Policies

Three network policies: Security Traffic shaping NIC teaming Policies are defined: At the standard virtual switch level:

Default policies for all the ports on the standard virtual switch Effective policies: Policies defined at this level override the default policies set at the standard virtual switch level.

At the port or port group level:

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-21
2011 VMware Inc. All rights reserved

Security Policy
Administrators can configure layer 2 Ethernet security options at the standard virtual switch and at the port groups.

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-22
2011 VMware Inc. All rights reserved

Traffic-Shaping Policy
Network traffic shaping is a mechanism for controlling a virtual machines network bandwidth. Average rate, peak rate, and burst size are configurable.

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-23
2011 VMware Inc. All rights reserved

Configuring Traffic Shaping

Traffic shaping is disabled by default. Parameters apply to each virtual NIC in the standard virtual switch. On a standard switch, traffic shaping controls outbound traffic only.

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-24
2011 VMware Inc. All rights reserved

NIC Teaming Policy

NIC Teaming settings: Load Balancing (outbound only) Network Failure Detection Notify Switches Failback Failover Order

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-25
2011 VMware Inc. All rights reserved

Load-Balancing Method: Originating Port ID

Virtual switch

Virtual NICs
VMware vSphere 5.0: Install, Configure, Manage Revision A

Physical NICs
5-26
2011 VMware Inc. All rights reserved

Load-Balancing Method: Source MAC Hash

Internet

Virtual switch

Physical switch

Virtual NICs

Physical NICs
5-27
2011 VMware Inc. All rights reserved

VMware vSphere 5.0: Install, Configure, Manage Revision A

Load-Balancing Method: IP-Hash

Internet

Virtual switch

Physical switch

Virtual NICs

Physical NICs
5-28
2011 VMware Inc. All rights reserved

VMware vSphere 5.0: Install, Configure, Manage Revision A

Detecting and Handling Network Failure

Network failure is detected by the VMkernel, which monitors: Link state only Link state plus beaconing Switches can be notified whenever: There is a failover event A new virtual NIC is connected to the virtual switch Failover implemented by the VMkernel based on configurable parameters: Failback: How a physical adapter is returned to active duty after recovering from a failure Load-balancing option: Use explicit failover order. Always use the highest order uplink from the list of active adapters that pass failover detection criteria.
VMware vSphere 5.0: Install, Configure, Manage Revision A 5-29
2011 VMware Inc. All rights reserved

Review of Learner Objectives

You should be able to do the following: Describe the security properties of a standard virtual switch port group:

VLANs Security, traffic-shaping, and NIC teaming policies

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-30
2011 VMware Inc. All rights reserved

Key Points

There are two connection types on a virtual switch: virtual machine and VMkernel. A standard virtual switch is a virtual switch configuration for a single host. Network policies set at the standard virtual switch level can be overridden at the port group level.

VMware vSphere 5.0: Install, Configure, Manage Revision A

5-31
2011 VMware Inc. All rights reserved