December 6, 2016 by Brandon Lee

ESXi Network Concepts | VMware Administration Essentials

Proper configuration of host networking is critically important in any ESXi environment.
Host networks generally include storage, vMotion, VM, and management networks. These are
the basic networks that must be configured in order to have a functioning ESXi cluster
that is integrated with the vCenter server.

In this post, we will take a look at the ESXi Network concepts that are essential to
understand before we move on to the actual configuration of the ESXi network mentioned
above.

ESXi Network Concepts


Virtual Switches (vSwitches)
The key component for moving data between VMs in the VMware virtualization world is a
vSwitch. A vSwitch is exactly that – a virtual switch. Though it is not a hardware
device, the virtual switch passes traffic using the same concepts found in the OSI networking
model as physical switches do. In other words, layer 2 frames (OSI data link layer) enter and
exit the vSwitch much as they would a physical switch.
The difference between the vSwitch and the physical switch in the VMware world is that
the vSwitch does not keep a table of MAC addresses for devices that it does not directly
know about, as a physical switch does. It only knows and cares about the MAC addresses for
VMs and VMkernel port devices that are directly connected to the virtual switch. The vSwitch
will not flood unknown frames out all ports. Unknown frames are simply dropped by the
vSwitch. Frames with unknown destination MAC addresses that originate from a VM connected
to the vSwitch are sent to the vSwitch physical uplink.

vSwitch Types
In vSphere, two types of switches can be provisioned: the standard vSwitch (SVS) and the
Distributed vSwitch (DVS). The Distributed vSwitch requires Enterprise Plus licensing and
is configured at the vCenter level. For the purposes of this essentials post, we will be
using Standard vSwitches since they span the full range of licensed offerings from VMware
and they don’t require vCenter server.

Virtual ports
Virtual ports on the vSwitch act like the ports on a physical switch. Each VM that is
configured with a virtual network adapter uses one of these virtual ports on the vSwitch.
There are also VMkernel ports, a special kind of port that talks directly to the ESXi
host’s VMkernel. They are required to make storage, vMotion, and management network
traffic possible.

Physical Uplinks
Virtual Switch traffic is uplinked on each ESXi host by the physical network cards in the ESXi
host that are bound to that vSwitch in VMware. This provides the traffic path for traffic
entering and exiting the vSwitch. The real physical interface on the ESXi host is mapped to a
vmnic in ESXi. These mappings can be seen when managing the networking adapters on the
ESXi host.
Notice the physical adapters assigned to the vSwitches.

Port Groups
Port groups allow us to logically carve up our virtual ports that are available on a particular
vSwitch. We can apply traffic policy rules at the port group level – security rules and traffic
shaping. Port groups are where we can also assign VLANs to our traffic. Below, take note of a
configured port group called “TestPortGroup”.

VLANs
VLANs are virtual networks based on the IEEE 802.1Q standard that logically separate traffic
over the same physical infrastructure. VLANs allow for segmenting networks into different
pieces without having to physically separate networks. This is made possible by an
additional VLAN tag being sent within the Ethernet frame header which identifies which
VLAN the traffic belongs to. Often, this is done for security and performance reasons. As the
network becomes larger, broadcast traffic can grow exponentially. VLANs segment broadcast
domains so that unwanted broadcast traffic is contained within a logical network.
On the security side of things, if we want to make sure that certain traffic is inaccessible
from other parts of the network, we can assign that traffic to its own VLAN which isolates it
from other VLANs on the production network allowing us to segment sensitive or private
traffic from regular production traffic.
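
The VLAN tag described above, shown at the byte level. This parser is an added example and is not part of the original post; the MAC addresses, payload, priority value and the choice of VLAN 224 are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1Q tag

def parse_frame(frame: bytes) -> dict:
    """Split an Ethernet frame into addresses, optional VLAN tag and payload."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    dst, src = frame[0:6], frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    vlan, offset = None, 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        # Tag control information: 3-bit priority, 1-bit DEI, 12-bit VLAN ID,
        # followed by the EtherType of the encapsulated payload.
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vlan = {"pcp": tci >> 13, "dei": (tci >> 12) & 1, "vid": tci & 0x0FFF}
        offset = 18
    return {"dst": dst.hex(":"), "src": src.hex(":"), "vlan": vlan,
            "ethertype": ethertype, "payload": frame[offset:]}

def strip_tag(frame: bytes) -> bytes:
    """Return the frame without its 802.1Q tag (unchanged when untagged)."""
    if parse_frame(frame)["vlan"] is None:
        return frame
    return frame[:12] + frame[16:]

# Constructed frames: same addresses and payload, one tagged for VLAN 224.
MACS = bytes.fromhex("005056aabb01" "005056aabb02")
UNTAGGED = MACS + bytes.fromhex("0800") + b"ip-payload"
TAGGED = MACS + bytes.fromhex("8100" "a0e0" "0800") + b"ip-payload"

if __name__ == "__main__":
    for label, frame in (("untagged", UNTAGGED), ("tagged", TAGGED)):
        info = parse_frame(frame)
        print(label, info["vlan"], hex(info["ethertype"]))
    print("stripped equals untagged:", strip_tag(TAGGED) == UNTAGGED)
```

The tag adds four bytes between the source MAC address and the original EtherType, which is why removing it yields the untagged frame byte for byte.
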
Going back to our vSwitch, there are three ways we can set VLAN tags – virtual switch
tagging (VST), virtual guest tagging (VGT), or external switch tagging (EST).
Setting VLAN tags at the port group level is known as virtual switch tagging or VST. This
means we set the VLAN tag at the vSwitch level on the port group, so our vSwitch is
managing VLAN tags. This is perhaps the easiest and preferred way to introduce VLANs into
the virtual environment.
Setting VLAN tags on our physical switch is called external switch tagging or EST. The
physical switch is responsible for managing VLAN tags. In many VMware environments, if
you have a dedicated storage switch, the ports will be set in untagged mode, meaning the
physical switch is doing all of the tagging operations and the virtual switch is not aware of
this.
The least common use case is virtual guest tagging or VGT. It allows the virtual guest VM to
tag traffic and pass this along to the vSwitch, which then passes the VLAN-tagged frame up to
the physical switch.
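
One way to see which tagging mode each port group uses, as an added example that is not part of the original post. It assumes the standard vSwitch convention, which the post does not state, that a port group VLAN ID of 0 means EST, 1 to 4094 means VST and 4095 means VGT; the table is a constructed sample in the layout of `esxcli network vswitch standard portgroup list`.

```python
import re

# Constructed sample, laid out like the table printed by
# `esxcli network vswitch standard portgroup list`; names and IDs are made up.
SAMPLE = """\
Name                Virtual Switch  Active Clients  VLAN ID
------------------  --------------  --------------  -------
Management Network  vSwitch0                     1        0
VM NETWORK          vSwitch2                     4      120
DMZVLAN             vSwitch2                     2      224
TestPortGroup       vSwitch2                     1     4095
"""

def tagging_mode(vlan_id: int) -> str:
    """Map a standard vSwitch port group VLAN ID to EST, VST or VGT."""
    if vlan_id == 0:
        return "EST"   # vSwitch handles no tags; the physical switch decides
    if 1 <= vlan_id <= 4094:
        return "VST"   # the vSwitch tags and untags for this one VLAN
    if vlan_id == 4095:
        return "VGT"   # tags pass through; the guest OS does the tagging
    raise ValueError(f"VLAN ID out of range: {vlan_id}")

def parse_portgroups(text: str) -> list:
    """Parse the fixed-width table, taking column starts from the dashed ruler."""
    lines = [ln for ln in text.splitlines() if ln.strip()]
    starts = [m.start() for m in re.finditer(r"-+", lines[1])]
    ends = starts[1:] + [None]
    groups = []
    for row in lines[2:]:
        name, vswitch, _clients, vlan = (row[s:e].strip() for s, e in zip(starts, ends))
        groups.append({"name": name, "vswitch": vswitch, "vlan": int(vlan),
                       "mode": tagging_mode(int(vlan))})
    return groups

def guest_tagged(groups: list) -> list:
    """Port groups where VLAN separation depends on the guest; review these."""
    return [g["name"] for g in groups if g["mode"] == "VGT"]

if __name__ == "__main__":
    pgs = parse_portgroups(SAMPLE)
    for g in pgs:
        print(f'{g["name"]:<20}{g["vswitch"]:<10}{g["vlan"]:>5}  {g["mode"]}')
    print("review (VGT):", guest_tagged(pgs))
```
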

vCenter Server
What is VMware vCenter exactly? VMware’s vCenter product is the core product required to
turn on the enterprise features. This includes, but isn’t limited to the following:
Centralized management including Single Sign On (SSO) authentication
Centralized permissions management
Centralized logging of tasks and events
Resource management
Central location to perform management and administrative tasks across ESXi hosts
High Availability
Distributed Resource Scheduling
Fault Tolerance
Centralized updating via the update manager

***Note*** vCenter server is also needed to unlock additional modules that one may wish
to take advantage of in the VMware ecosystem such as VMware NSX, VSAN, and others.

Thoughts
The above terminology and ESXi network concepts are crucial to understanding the basics
of setting up host networking in ESXi. We will reference these as we move forward with
configuring the various required networks: storage, vMotion, VM, and management.
[Figure: network diagram showing a 3850_L3_Switch with interfaces Vlan120 and Vlan224, and two ESXi hosts, each with physical uplinks vmnic0 and vmnic1, virtual switches vSwitch0 and vSwitch2, a vmk0 VMkernel interface, and the port groups ManagementNetwork, VM NETWORK and DMZVLAN.]
VMK: this interface is the management interface for the ESXi host.
vmnic: a real physical interface on an ESX host.
