Configure and Manage Virtual Networks

Module 5

© 2011 VMware Inc. All rights reserved

 You Are Here

Course Introduction Data Protection

Introduction to Virtualization Access & Authentication Control

Virtual Machines Resource Management and Monitoring

VMware vCenter Server High Availability

Configure and Manage Virtual Networks Scalability

Configure and Manage Virtual Storage Patch Management

Managing Virtual Machines Installing vSphere Components

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-2

© 2011 VMware Inc. All rights reserved

 Importance

VMware® ESXi™ networking features allow virtual machines to

communicate with other virtual and physical machines, allow
management of the ESXi host, and allow the VMkernel to access IP-
based storage and perform VMware vSphere® vMotion® migrations.
Failure to properly configure ESXi networking can negatively affect
virtual machine management and storage operation.

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-3

© 2011 VMware Inc. All rights reserved

 Module Lessons

Lesson 1: Introduction to vNetwork Standard Switches

Lesson 2: Configuring Standard Virtual Switch Policies

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-4

© 2011 VMware Inc. All rights reserved

 Lesson 1:
Introduction to vNetwork Standard
Switches

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-5

© 2011 VMware Inc. All rights reserved

 Learner Objectives

After this lesson, you should be able to do the following:

 Define a virtual network.
 Describe a virtual switch.
 Describe the virtual switch connection types.
 Describe the components of a vNetwork standard switch.
 Create a vNetwork standard switch.

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-6

© 2011 VMware Inc. All rights reserved

 What Is a Virtual Network? What Is a Virtual Switch?

A virtual network provides the networking for hosts and virtual

machines that use virtual switches.
A virtual switch:
 Directs network traffic between
application application application

virtual machines and links to operating system operating system operating system
external networks. Virtual Virtual
NIC
Virtual
NIC
NIC
 Combines the bandwidth of
multiple network adapters and
balances traffic among them. It
can also handle physical network
interface card (NIC) failover.
 Models a physical Ethernet
Physical NIC
switch:
• A virtual machine’s NIC can
connect to a port. Physical
Switch
• Each uplink adapter uses one
Ports
port. External World

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-7

© 2011 VMware Inc. All rights reserved

 Types of Virtual Switch Connections

A virtual switch allows the following connection types:

 VMkernel port:
• For example, for IP storage or vMotion migration
• For the ESXi management network
 One or more virtual machine port groups

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-8

© 2011 VMware Inc. All rights reserved

 Virtual Switch Connection Examples

More than one network can coexist on the same virtual switch, or
networks can exist on separate virtual switches.

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-9

© 2011 VMware Inc. All rights reserved

 Types of Virtual Switches

A virtual network supports two types of virtual switches:

 vNetwork standard switches:
• Virtual switch configuration for a single host
• Discussed in this module
 vNetwork distributed switches:
• Virtual switches that provide a consistent network configuration for virtual
machines as they migrate across multiple hosts

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-10

© 2011 VMware Inc. All rights reserved

 Standard Virtual Switch Components

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-11

© 2011 VMware Inc. All rights reserved

 Default Standard Virtual Switch Configuration

Display standard
virtual switches. Enable IPv6 on
ESXi host.

Delete the
virtual switch.
Display virtual
switch properties.

Display Cisco
Discovery Protocol
Display port group information.
properties.

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-12

© 2011 VMware Inc. All rights reserved

 Standard Virtual Switch Ports

You can change the number of ports on a standard virtual switch.

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-13

© 2011 VMware Inc. All rights reserved

 Network Adapter Properties

For each physical adapter, speed and duplex can be changed.

You might need to set the speed and duplex for certain NIC and
switch combinations.

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-14

© 2011 VMware Inc. All rights reserved

 VLANs

ESXi supports 802.1Q VLAN tagging.

Virtual switch tagging is one of three
tagging policies supported.
 Packets from a virtual machine are
tagged as they exit the virtual switch.
 Packets are untagged as they return
to the virtual machine.
 Affect on performance is minimal.
ESXi provides VLAN support by
giving a port group a VLAN ID

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-15

© 2011 VMware Inc. All rights reserved

 Physical Network Considerations

Discuss VMware vSphere® networking needs with your network

administration team. Discuss the following issues:
 Number of physical switches
 Network bandwidth required
 Physical switch support for 802.3AD (for NIC teaming)
 Physical switch support for 802.1Q (for VLAN trunking)
 Network port security
 Cisco Discovery Protocol (CDP) and its operational modes: listen,
broadcast, listen and broadcast, and disabled.

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-16

© 2011 VMware Inc. All rights reserved

 Lab 6

In this lab, you will create a standard virtual switch and port group.
1. View the current standard virtual switch configuration.
2. Create a standard virtual switch with a virtual machine port group.
3. Attach your virtual machine to a virtual switch port group.

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-17

© 2011 VMware Inc. All rights reserved

 Review of Learner Objectives

You should be able to do the following:

 Define a virtual network.
 Describe a virtual switch.
 Describe the virtual switch connection types.
 Describe the components of a vNetwork standard switch.
 Create a vNetwork standard switch.

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-18

© 2011 VMware Inc. All rights reserved

 Lesson 2:
Configuring Standard Virtual Switch
Policies

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-19

© 2011 VMware Inc. All rights reserved

 Learner Objectives

After this lesson, you should be able to do the following:

 Describe the security properties of a standard virtual switch port
group:
• VLANs
• Security, traffic-shaping, and NIC teaming policies

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-20

© 2011 VMware Inc. All rights reserved

 Network Policies

Three network policies:

 Security
 Traffic shaping
 NIC teaming
Policies are defined:
 At the standard virtual switch level:
• Default policies for all the ports on the standard virtual switch
 At the port or port group level:
• Effective policies: Policies defined at this level override the default policies
set at the standard virtual switch level.

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-21

© 2011 VMware Inc. All rights reserved

 Security Policy

Administrators can configure layer 2 Ethernet security options at

the standard virtual switch and at the port groups.

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-22

© 2011 VMware Inc. All rights reserved

 Traffic-Shaping Policy

Network traffic shaping is a mechanism for controlling a virtual

machine’s network bandwidth.
Average rate, peak rate, and burst size are configurable.

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-23

© 2011 VMware Inc. All rights reserved

 Configuring Traffic Shaping

Traffic shaping is
disabled by default.
Parameters apply
to each virtual NIC
in the standard
virtual switch.
On a standard
switch, traffic
shaping controls
outbound traffic
only.

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-24

© 2011 VMware Inc. All rights reserved

 NIC Teaming Policy

NIC Teaming
settings:
 Load Balancing
(outbound only)
 Network Failure
Detection
 Notify Switches
 Failback
 Failover Order

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-25

© 2011 VMware Inc. All rights reserved

 Load-Balancing Method: Originating Port ID

Virtual
switch

Virtual Physical
NICs NICs

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-26

© 2011 VMware Inc. All rights reserved

 Load-Balancing Method: Source MAC Hash

Internet

Virtual Physical
switch switch

Virtual Physical
NICs NICs

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-27

© 2011 VMware Inc. All rights reserved

 Load-Balancing Method: IP-Hash

Internet

Virtual Physical
switch switch

Virtual Physical
NICs NICs

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-28

© 2011 VMware Inc. All rights reserved

 Detecting and Handling Network Failure

Network failure is detected by the

VMkernel, which monitors:
 Link state only
 Link state plus beaconing
Switches can be notified whenever:
 There is a failover event
 A new virtual NIC is connected to the
virtual switch
Failover implemented by the VMkernel
based on configurable parameters:
 Failback: How a physical adapter is
returned to active duty after recovering
from a failure
 Load-balancing option: Use explicit
failover order. Always use the highest
order uplink from the list of active adapters
that pass failover detection criteria.
VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-29

© 2011 VMware Inc. All rights reserved

 Review of Learner Objectives

You should be able to do the following:

 Describe the security properties of a standard virtual switch port
group:
• VLANs
• Security, traffic-shaping, and NIC teaming policies

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-30

© 2011 VMware Inc. All rights reserved

 Key Points

 There are two connection types on a virtual switch: virtual machine

and VMkernel.
 A standard virtual switch is a virtual switch configuration for a single
host.
 Network policies set at the standard virtual switch level can be
overridden at the port group level.

VMware vSphere 5.0: Install, Configure, Manage – Revision A 5-31

© 2011 VMware Inc. All rights reserved