
Network Scalability

Module 5

2015 VMware Inc. All rights reserved.


You Are Here

1. Course Introduction
2. vSphere Security
3. VMware Management Resources
4. Performance in a Virtualized Environment
5. Network Scalability
6. Network Optimization
7. Storage Scalability
8. Storage Optimization
9. CPU Optimization
10. Memory Optimization
11. Virtual Machine and Cluster Optimization
12. Host and Management Scalability

VMware vSphere: Optimize and Scale 5-2


Importance
As you scale your VMware vSphere environment, you must be aware
of the vSphere distributed switch features and functions that help you
manage networking in your environment.

Module Lessons
Lesson 1: Distributed Switch Features
Lesson 2: Distributed Switch Advanced Features

Lesson 1:
Distributed Switch Features

Learner Objectives
By the end of this lesson, you should be able to meet the following
objectives:
Review the benefits and functions of distributed switches
Describe types of discovery protocols
Describe port binding on distributed port groups
Describe how VMware vSphere Network I/O Control enhances performance
Describe traffic filtering and marking policy
Explain health check
Back up and restore a distributed switch configuration
Explain the automatic rollback and recovery of networking configurations

Review: Distributed Switches
A distributed switch functions as a single virtual switch across all
associated hosts.
Distributed switches have several benefits over standard switches:
They simplify data center administration.
They enable networking statistics and policies to migrate with virtual machines
during a VMware vSphere vMotion migration.
They provide for customization and third-party development.

Figure: standard switches compared with distributed switches.

Distributed Switch Architecture
A distributed switch moves network management components to the
data center level.

Diagram: vCenter Server holds the distributed switch control plane (distributed ports and port groups, uplink port groups). Each host (Host 1, Host 2) runs a hidden virtual switch, the I/O plane, that carries the management port, the vSphere vMotion port, and the virtual NICs, and connects to the physical NICs (uplinks).

Standard Switch and Distributed Switch Feature Comparison

Feature                             Standard Switch   Distributed Switch
Layer 2 switch                      Yes               Yes
VLAN segmentation                   Yes               Yes
IPv6 support                        Yes               Yes
802.1Q tagging                      Yes               Yes
NIC teaming                         Yes               Yes
Outbound traffic shaping            Yes               Yes
Inbound traffic shaping             No                Yes
Configuration backup and restore    No                Yes
Private VLANs                       No                Yes
Link Aggregation Control Protocol   No                Yes
Data center-level management        No                Yes
Network vMotion                     No                Yes
Network I/O Control                 No                Yes

Discovery Protocols
Switch discovery protocols help network administrators determine the
capabilities of a network device.
vSphere supports the following discovery protocols:
Cisco Discovery Protocol (CDP)
Link Layer Discovery Protocol (LLDP)

CDP is available for vSphere standard switches and distributed switches connected to Cisco physical switches.
LLDP is a vendor-neutral protocol that is available for distributed
switches beginning in version 5.0.
You can use CDP and LLDP to gather configuration and connection
information about the physical or virtual switch:
Such information might aid troubleshooting network problems.

Configuring CDP or LLDP
With CDP or LLDP enabled, the virtual switch can be configured for
different modes of operation: Listen, advertise, or both.
Listen: Information is received from the physical switches.
Advertise: Information is sent to the physical switches.
Both: Information is sent to and received from the physical switches.
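The following is an added example, not code from the course: it decodes the TLVs of an LLDP data unit, the kind of advertisement a distributed switch in Listen mode receives from a peer physical switch (chassis ID, port ID, TTL, system name). The frame is constructed inside the example, and the parser rejects truncated frames and frames without the End TLV rather than applying half of an advertisement.

```python
"""Decode the TLVs of an LLDP data unit (LLDPDU) received from a peer switch.
The frame built here is constructed for the example."""
import struct

# TLV type codes from IEEE 802.1AB
TLV_END, TLV_CHASSIS_ID, TLV_PORT_ID, TLV_TTL = 0, 1, 2, 3
OPTIONAL_TLVS = {4: "port_description", 5: "system_name", 6: "system_description"}
CHASSIS_SUBTYPE_MAC = 4      # chassis identified by a MAC address
PORT_SUBTYPE_IFNAME = 5      # port identified by its interface name


def tlv(tlv_type, value):
    """Encode one TLV: a 16-bit header (7-bit type, 9-bit length) and the value."""
    if not 0 <= len(value) < 512:
        raise ValueError("TLV value must fit in 9 length bits")
    return struct.pack("!H", (tlv_type << 9) | len(value)) + value


def build_lldpdu(chassis_mac, port_name, ttl, system_name, system_desc):
    """Build a minimal LLDPDU: the three mandatory TLVs, two optional ones, End."""
    return b"".join([
        tlv(TLV_CHASSIS_ID, bytes([CHASSIS_SUBTYPE_MAC]) + bytes.fromhex(chassis_mac.replace(":", ""))),
        tlv(TLV_PORT_ID, bytes([PORT_SUBTYPE_IFNAME]) + port_name.encode()),
        tlv(TLV_TTL, struct.pack("!H", ttl)),
        tlv(5, system_name.encode()),
        tlv(6, system_desc.encode()),
        tlv(TLV_END, b""),
    ])


def parse_lldpdu(data):
    """Return the peer properties carried in an LLDPDU as a dict.
    Truncated TLVs, a missing End TLV and missing mandatory TLVs raise ValueError."""
    info, offset = {}, 0
    while offset + 2 <= len(data):
        header = struct.unpack_from("!H", data, offset)[0]
        tlv_type, length = header >> 9, header & 0x1FF
        value = data[offset + 2:offset + 2 + length]
        if len(value) != length:
            raise ValueError("truncated TLV")
        offset += 2 + length
        if tlv_type == TLV_END:
            break
        if tlv_type in (TLV_CHASSIS_ID, TLV_PORT_ID) and len(value) < 2:
            raise ValueError("ID TLV without subtype and value")
        if tlv_type == TLV_CHASSIS_ID:
            subtype, body = value[0], value[1:]
            info["chassis_id"] = (":".join(f"{b:02x}" for b in body)
                                  if subtype == CHASSIS_SUBTYPE_MAC else body.decode(errors="replace"))
        elif tlv_type == TLV_PORT_ID:
            info["port_id"] = value[1:].decode(errors="replace")   # value[0] is the subtype
        elif tlv_type == TLV_TTL:
            if length != 2:
                raise ValueError("TTL TLV must be 2 bytes")
            info["ttl"] = struct.unpack("!H", value)[0]
        elif tlv_type in OPTIONAL_TLVS:
            info[OPTIONAL_TLVS[tlv_type]] = value.decode(errors="replace")
        # Organizationally specific (127) and unknown TLV types are skipped.
    else:
        raise ValueError("missing End of LLDPDU TLV")
    for required in ("chassis_id", "port_id", "ttl"):
        if required not in info:
            raise ValueError(f"mandatory TLV missing: {required}")
    return info


if __name__ == "__main__":
    frame = build_lldpdu("00:1b:21:aa:bb:cc", "GigabitEthernet1/0/24", 120,
                         "lab-sw01", "constructed peer switch")
    print(parse_lldpdu(frame))
```

The TTL is what tells the receiving switch how long to keep the entry; an advertisement whose TTL TLV is malformed is rejected instead of being cached indefinitely.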

Viewing CDP Information
When CDP is enabled for a distributed switch or a standard switch, you can view properties of the peer physical switch, such as device ID, software version, and timeout.

Screenshots: CDP information for a standard switch and for a distributed switch.

Viewing LLDP Information
When LLDP is enabled for a distributed switch, you can view properties of the peer physical switch.

Screenshot: LLDP information for a distributed switch.

About Port Binding
Port binding determines when and how a virtual machine's virtual NIC is
assigned to a virtual switch port.
Three port binding options exist:
Static binding: Default setting.
Dynamic binding: Deprecated.
Ephemeral: No binding occurs.
For static binding, two port allocation options exist:
Elastic: When all ports are assigned, a new set of eight ports is created.
Fixed: No additional ports are created when all ports are assigned.
Port binding is configured at the distributed port group level.

Screenshot: Settings for the pg-Production Distributed Port Group

Port Binding Examples
Each type of port binding has different effects on network connections.

Static port binding example:
Three ports on the distributed port group are assigned to the first three virtual machines that connect to these ports.
These ports are permanently locked to the virtual machines. The virtual machine power state does not matter.
If elastic port allocation is used, ports are added as needed.

Dynamic port binding example:
Three ports exist on the distributed port group, but four virtual machines are powered on.
Only three out of the four virtual machines are connected.

Ephemeral port binding example:
As many ports as you need are available: limited only by the maximum for vSphere on your hardware.
The power state of the virtual machines does not matter.
Ports are created as you connect.

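An added example, not part of the course material, that models the three binding types and the elastic versus fixed allocation choice from the two slides above. Port group names, VM names and the hardware port maximum are constructed for the example; it reproduces the three-port, four-VM scenarios rather than any real distributed switch behaviour beyond what the slides state.

```python
"""Model of port binding (static, dynamic, ephemeral) and of elastic versus
fixed port allocation on a distributed port group. Names are constructed."""

ELASTIC_INCREMENT = 8          # elastic allocation adds ports in sets of eight
HARDWARE_PORT_MAXIMUM = 4096   # stand-in for the per-host port maximum (assumed value)


class DistributedPortGroup:
    def __init__(self, name, binding, ports=3, allocation="elastic"):
        if binding not in ("static", "dynamic", "ephemeral"):
            raise ValueError(binding)
        self.name, self.binding, self.allocation = name, binding, allocation
        self.free = [f"{name}-port-{i}" for i in range(ports)]   # unassigned ports
        self.bound = {}        # static binding: vNIC -> port, kept across power cycles
        self.connected = {}    # vNIC -> port while the virtual machine is powered on
        self._created = ports

    def _new_ports(self, count):
        ports = [f"{self.name}-port-{i}" for i in range(self._created, self._created + count)]
        self._created += count
        return ports

    def attach(self, vnic):
        """Connect a vNIC to the port group in the VM configuration.
        Only static binding assigns a port at this point, whatever the power state."""
        if self.binding == "static" and vnic not in self.bound:
            if not self.free:
                if self.allocation == "fixed":
                    raise RuntimeError(f"{self.name}: all ports assigned (fixed allocation)")
                self.free.extend(self._new_ports(ELASTIC_INCREMENT))   # elastic: grow by eight
            self.bound[vnic] = self.free.pop(0)
        return self.bound.get(vnic)

    def power_on(self, vnic):
        """Return the port the vNIC is connected to, or None if none is available."""
        if self.binding == "static":
            self.connected[vnic] = self.attach(vnic)
        elif self.binding == "dynamic":            # deprecated: ports are handed out at power-on
            if not self.free:
                return None                        # the VM powers on without connectivity
            self.connected[vnic] = self.free.pop(0)
        else:                                      # ephemeral: a port is created on connect
            if len(self.connected) >= HARDWARE_PORT_MAXIMUM:
                return None
            self.connected[vnic] = self._new_ports(1)[0]
        return self.connected[vnic]

    def power_off(self, vnic):
        port = self.connected.pop(vnic, None)
        if port is not None and self.binding == "dynamic":
            self.free.append(port)                 # returned to the pool
        # static: the port stays bound; ephemeral: the port is deleted with the connection

    def total_ports(self):
        return len(self.connected) if self.binding == "ephemeral" else self._created
```

Because a static port survives power-off, a host that must power on many virtual machines with static fixed allocation can run out of ports even though few virtual machines are running; elastic allocation avoids that at the cost of a growing port count.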
About Network I/O Control Version 3
Network I/O Control version 3 can be used to allocate network bandwidth to business-critical applications and to resolve situations where several types of traffic compete for common resources.
Network I/O Control version 3 allocates network bandwidth over distributed switches by using network resource pools for virtual machine and system traffic.

Diagram: network resource pools for vSphere vMotion, vSphere Fault Tolerance, vSphere Replication, vSphere Data Protection, Virtual SAN, virtual machine, management, NFS, and iSCSI traffic, assigned to distributed port groups on a distributed switch with 10GigE uplinks.

Network I/O Control Version 2 and Version 3
vSphere 6 provides Network I/O Control version 3.
Version 3 has the following features:
Enables you to reserve bandwidth for system traffic and virtual machine traffic
based on the capacity of the physical adapters on a host
Enables detailed resource control at the virtual machine network adapter level,
similar to the model that you use for allocating CPU and memory resources:
Shares, reservations, and limits are used to control bandwidth.

vSphere 6 also supports Network I/O Control version 2, available in distributed switch versions 5.1 and 5.5:
Version 2 and version 3 use different models for allocating bandwidth to virtual machines and system traffic.
Version 2 and version 3 can coexist in vSphere 6.

Bandwidth Allocation Model for System Traffic
You can use Network I/O Control version 3 on a distributed switch to
configure bandwidth allocation for system traffic, such as management,
vSphere vMotion migration, and virtual machines.
Network I/O Control version 3 allocates bandwidth to each type of
system traffic by using shares, reservations, and limits.

Bandwidth Parameter   Description
Shares                Shares, from 1 through 100, reflect the relative priority of a system traffic type against other system traffic types that are active on the same physical adapter.
Reservations          The minimum bandwidth, in Mbps, that must be guaranteed on a single physical adapter.
Limit                 The maximum bandwidth, in Mbps or Gbps, that a system traffic type can consume on a single physical adapter.

Bandwidth Reservation for System Traffic
Network I/O Control version 3 allocates the requested bandwidth on
each physical network adapter. You can reserve no more than 75
percent of the bandwidth of a physical network adapter, that is, no more
than 7.5 Gbps.

Bandwidth Allocation for Virtual Machine Traffic
Bandwidth is allocated to individual virtual machines based on
configured shares, reservations, and limits for the virtual machine's
network adapters.

Bandwidth Parameter   Description
Shares                The relative priority, from 1 through 100, of the traffic through the virtual machine's network adapter against the capacity of the physical adapter that is carrying the virtual machine's traffic to the network.
Reservations          The minimum bandwidth, in Mbps, that the virtual machine network adapter must receive on the physical adapter.
Limit                 The maximum bandwidth on the virtual machine network adapter for traffic to other virtual machines on the same or on another host.

Bandwidth Aggregation for Network Resource Pools
A network resource pool represents a part of the bandwidth aggregated for network resource pools across the uplinks of a distributed switch.
By default, distributed port groups are assigned to the network resource pool named default, where no quota is configured.

Bandwidth Allocation for Individual Virtual Machines
The total bandwidth reservation of the virtual machines on a host cannot
exceed the reserved bandwidth that is configured for the virtual machine
system traffic.

Bandwidth Admission Control in vSphere DRS
Bandwidth admission control validates that the virtual machine
reservation can be met.
If the reservation cannot be met on the current cluster, then VMware
vSphere Distributed Resource Scheduler places the virtual machine
on a host that has the capacity to guarantee the bandwidth reserved for
the virtual machine.

Diagram: VM1, VM2, and VM3 on ESXi Host1 and ESXi Host2 connected by one distributed switch. Each host has a 1 Gbps uplink with a VM reservation of 600 Mbps per uplink, and the VM network traffic reservation is 600 Mbps; the diagram marks one virtual machine reservation of 600 Mbps that cannot be met on its current host.

Bandwidth Admission Control in vSphere HA
When a host fails or is isolated, VMware vSphere High Availability
powers on a virtual machine on another host in the cluster according to
the bandwidth reservation and teaming policy.

Diagram: VM1 with a VM network traffic reservation of 600 Mbps on a distributed switch spanning ESXi Host1 (uplink 1 Gbps, VM reservation 1200 Mbps) and ESXi Host2 (uplink 1 Gbps, VM reservation 600 Mbps).

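The following added example, which is not code from the course, carries the Network I/O Control version 3 model from the preceding slides through in code: allocation of one adapter's bandwidth by shares once reservations are honoured and limits capped, the 75 percent reservation ceiling, and the admission control that DRS and HA apply when a virtual machine with a reservation must be placed. The share-based split is a simplified model written for this example (the exact scheduler is not described on the page); traffic types, host names and all numbers are constructed.

```python
"""Simplified model of Network I/O Control version 3 bandwidth allocation on
one physical adapter and of bandwidth admission control. Values constructed."""
from dataclasses import dataclass, field
from typing import Dict, Optional

MAX_RESERVED_FRACTION = 0.75   # no more than 75% of an adapter's bandwidth may be reserved


@dataclass
class TrafficType:
    name: str
    shares: int                       # 1..100, relative priority under contention
    reservation: float = 0.0          # Mbps guaranteed on the adapter
    limit: Optional[float] = None     # Mbps cap on the adapter, None = no limit


def allocate(capacity_mbps, types):
    """Each type gets its reservation; the unreserved capacity is split by shares
    among types still below their limit; bandwidth a capped type cannot use is
    redistributed to the others."""
    for t in types:
        if not 1 <= t.shares <= 100:
            raise ValueError(f"{t.name}: shares must be 1..100")
        if t.limit is not None and t.limit < t.reservation:
            raise ValueError(f"{t.name}: limit below reservation")
    reserved = sum(t.reservation for t in types)
    if reserved > MAX_RESERVED_FRACTION * capacity_mbps:
        raise ValueError(f"reservations of {reserved} Mbps exceed 75% of {capacity_mbps} Mbps")
    alloc = {t.name: float(t.reservation) for t in types}
    remaining = float(capacity_mbps - reserved)
    open_types = list(types)            # types that can still accept bandwidth
    while remaining > 1e-6 and open_types:
        total_shares = sum(t.shares for t in open_types)
        handed_out = 0.0
        for t in list(open_types):
            grant = remaining * t.shares / total_shares
            if t.limit is not None and alloc[t.name] + grant >= t.limit:
                grant = t.limit - alloc[t.name]        # cap at the limit
                open_types.remove(t)
            alloc[t.name] += grant
            handed_out += grant
        remaining -= handed_out
    return alloc


@dataclass
class Host:
    name: str
    vm_traffic_reservation: float     # Mbps reserved for the Virtual Machine system traffic type
    vm_reservations: Dict[str, float] = field(default_factory=dict)

    def free_reservation(self):
        return self.vm_traffic_reservation - sum(self.vm_reservations.values())


def admit(hosts, vm, reservation_mbps):
    """Bandwidth admission control: the VM reservations on a host may not exceed
    the host's VM system traffic reservation. Returns the chosen host or None."""
    for host in hosts:
        if host.free_reservation() >= reservation_mbps:
            host.vm_reservations[vm] = reservation_mbps
            return host.name
    return None


def evacuate(hosts, failed):
    """HA-style restart after a host failure: re-admit its VMs on the survivors.
    Returns {vm: new host name or None if the reservation cannot be met}."""
    source = next(h for h in hosts if h.name == failed)
    survivors = [h for h in hosts if h.name != failed]
    return {vm: admit(survivors, vm, res) for vm, res in source.vm_reservations.items()}


if __name__ == "__main__":
    print(allocate(10000, [TrafficType("management", 50), TrafficType("vmotion", 50, 1000, 2000),
                           TrafficType("virtual_machine", 100, 2000), TrafficType("iscsi", 25, 1000)]))
```

On a 10 Gbps adapter with 4000 Mbps reserved, the remaining 6000 Mbps is split 50:50:100:25; vMotion hits its 2000 Mbps limit, and what it cannot take flows to the other three types. The admission check is the reason a 600 Mbps reservation for a second virtual machine fails on a host whose VM system traffic reservation is already fully committed.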
About the Traffic Filtering and Marking Policy
vSphere distributed switches provide a traffic filtering and marking policy
that enables you to protect your virtual network from unwanted traffic and
security attacks.
The traffic filtering and marking policy has the following features:
Permits and denies specific types of traffic
Applies a QoS tag to mark a certain type of traffic
Is equivalent to the access control list feature available on physical switches

The traffic filtering and marking policy consists of one or more network
traffic rules, defined at the distributed port group or uplink port group
level.

Creating a Network Traffic Rule
You can define network traffic rules for processing traffic related to virtual
machines or to physical adapters.
A network traffic rule consists of the following elements:
Action:
Allow
Drop
Tag

Traffic direction:
Ingress, egress, or both

Packet classification:
System traffic qualifier
MAC qualifier
IP qualifier

Example of Using a System Traffic Qualifier
This rule, called System Traffic Rule 1, allows incoming and outgoing
virtual machine traffic.

Example of Using a MAC Qualifier
This rule, called Network Traffic Rule 1, allows incoming traffic from
systems on VLAN 32 that are in the MAC address range
00:50:56:00:00:00.

Example of Using an IP Qualifier
This rule, called Network Traffic Rule 2, drops all outgoing ICMP packets
for any IP address (source and destination).

Marking Network Traffic
You can assign priority tags to traffic that has higher networking
requirements for bandwidth, low latency, and so on.
You can mark the traffic with a CoS tag in layer 2 or DSCP tag in layer 3.
Marking traffic has the following benefits:
Important traffic can be tagged so that these packets are not dropped by the
physical network during congestion.
End-to-end QoS and SLA requirements can be provided.

Example of Marking Network Traffic
This rule, called Tagging Traffic Rule 1, marks incoming SIP UDP
packets from subnet 192.168.2.0/24.

About vSphere Distributed Switch Health Check
The health check support helps you identify and troubleshoot
configuration errors in a vSphere distributed switch.
Health check regularly examines certain settings on the distributed and
physical switches to identify common configuration errors:
Mismatched VLAN trunks between the distributed switch and physical switch
Mismatched MTU setting between the distributed switch, physical adapter, and
physical switch ports
Mismatched virtual switch teaming policies for the physical switch port-channel
settings

Health Check Example
In this example, two VMware ESXi hosts use one distributed switch
with two distributed port groups.

Diagram (virtual network configuration): one distributed port group with VLAN 10, MTU 9000, and teaming Port ID, and another with VLAN 20, MTU 9000, and teaming IP Hash, both on one distributed switch spanning the ESXi hosts.
Diagram (physical network configuration): switch port 1 with VLAN 10, MTU 1500, and teaming None; switch port 2 with VLAN 10, MTU 9000, and teaming None.

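The three comparisons that health check performs, run as an added example (not the course's code) over a configuration like the one in the example above: VLAN trunking per uplink switch port, MTU agreement between distributed switch, physical adapter and switch port, and teaming policy versus port-channel configuration. Port group names, adapter names, switch port names and the adapter MTU are constructed for the example.

```python
"""Health check comparisons over constructed distributed switch and physical
switch settings: VLAN trunks, MTU, and teaming versus port channel."""
from collections import namedtuple

Finding = namedtuple("Finding", "check component detail")

# Teaming policies that require a port channel (EtherChannel) on the switch port.
TEAMING_NEEDS_PORT_CHANNEL = {"ip_hash"}


def health_check(dvs_mtu, port_groups, uplinks, switch_ports):
    """port_groups:  name -> {"vlan": id, "teaming": policy}
    uplinks:       physical adapter -> {"mtu": int, "switch_port": name}
    switch_ports:  name -> {"trunk_vlans": set, "mtu": int, "port_channel": bool}
    Returns a list of Finding tuples; an empty list means all checks passed."""
    findings = []
    for nic, up in uplinks.items():
        sp_name = up["switch_port"]
        sp = switch_ports[sp_name]
        for pg, cfg in port_groups.items():
            # VLAN check: each port group VLAN must be trunked on every uplink's switch port
            if cfg["vlan"] not in sp["trunk_vlans"]:
                findings.append(Finding("vlan", f"{pg}/{sp_name}",
                                        f"VLAN {cfg['vlan']} is not trunked on {sp_name}"))
            # Teaming check: IP hash needs a port channel, other policies must not have one
            needs_channel = cfg["teaming"] in TEAMING_NEEDS_PORT_CHANNEL
            if needs_channel != sp["port_channel"]:
                findings.append(Finding("teaming", f"{pg}/{sp_name}",
                                        f"{cfg['teaming']} teaming but port channel={sp['port_channel']}"))
        # MTU check: distributed switch, physical adapter and switch port must agree
        if not dvs_mtu == up["mtu"] == sp["mtu"]:
            findings.append(Finding("mtu", f"{nic}/{sp_name}",
                                    f"dvs {dvs_mtu}, adapter {up['mtu']}, switch port {sp['mtu']}"))
    return findings


# Constructed configuration modelled on the example: two port groups, two uplinks.
PORT_GROUPS = {"pg-A": {"vlan": 10, "teaming": "port_id"},
               "pg-B": {"vlan": 20, "teaming": "ip_hash"}}
UPLINKS = {"vmnic0": {"mtu": 9000, "switch_port": "Gi1/0/1"},
           "vmnic1": {"mtu": 9000, "switch_port": "Gi1/0/2"}}
SWITCH_PORTS = {"Gi1/0/1": {"trunk_vlans": {10}, "mtu": 1500, "port_channel": False},
                "Gi1/0/2": {"trunk_vlans": {10}, "mtu": 9000, "port_channel": False}}

if __name__ == "__main__":
    for f in health_check(9000, PORT_GROUPS, UPLINKS, SWITCH_PORTS):
        print(f"{f.check:8} {f.component:16} {f.detail}")
```

For the example configuration this reports VLAN 20 missing on both switch ports, the 1500-byte MTU on the first switch port, and the IP hash port group facing switch ports without a port channel; each is a silent failure mode (dropped VLAN traffic, fragmentation or black-holed jumbo frames, MAC flapping) that health check surfaces before virtual machines do.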
Enabling Health Check
Health check is available only with VMware vSphere Web Client.
Health checks can be performed on the following network components:
VLAN and MTU
Teaming and failover

Monitoring Health Check Results
After health check runs for a few minutes, you can monitor the results on
the Health tab in the vSphere Web Client.

Backing Up and Restoring Configurations
You can back up and restore the configuration of your distributed switch,
distributed port groups, and uplink port groups for deployment, rollback,
and sharing purposes.
The following operations are supported:
Back up the configuration on disk.
Restore the switch and port group configuration from a backup.
Create a new switch or port group from the backup.
Revert to a previous port group configuration after changes are made.
You perform these operations by using the export, import, and restore
functions available for distributed switches.

Exporting a Distributed Switch Configuration
You can export distributed switch and distributed port group
configurations to a file.
Exporting enables you to do the following tasks:
Make a backup of your distributed switch configuration.
Create a template of a distributed switch configuration.
Create a revision control system for your distributed switch configuration.

Restoring and Importing a Distributed Switch Configuration
After you export a distributed switch configuration, you can restore a
configuration or import a configuration:
Restore resets the configuration of an existing distributed switch from an
exported configuration file.
Import creates a new distributed switch from an exported configuration file.

You can use restore to reset a distributed switch configuration that has
become corrupted.
You can use import to create a new distributed switch, for example, on a
different VMware vCenter Server system.

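An added example, not code from the course or from VMware, that models the export, restore and import operations of the last three slides on a plain dictionary: a deterministic export with a digest for revision control, a drift check that lists what changed between the live switch and a backup before a restore is attempted, restore (same identity, settings reset) and import (new identity, no host membership). The switch, its settings and the identifiers are constructed; the real export file format is not reproduced.

```python
"""Export, drift check, restore and import of a distributed switch
configuration, modelled on dicts and JSON. Settings are constructed."""
import hashlib
import json

IDENTITY_KEYS = ("name", "uuid")   # restore keeps the existing switch's identity


def sample_switch():
    """Constructed configuration standing in for an exported distributed switch."""
    return {
        "name": "dvs-Lab", "uuid": "constructed-uuid-1", "version": "6.0.0", "mtu": 9000,
        "hosts": ["esxi-01", "esxi-02"],
        "port_groups": {"pg-Production": {"vlan": 10, "binding": "static"},
                        "pg-Test": {"vlan": 20, "binding": "ephemeral"}},
    }


def export_config(switch):
    """Serialize deterministically so equal configurations give equal digests."""
    return json.dumps(switch, sort_keys=True, indent=2)


def config_digest(backup_json):
    """Revision identifier for a backup; record it next to the exported file."""
    return hashlib.sha256(backup_json.encode()).hexdigest()


def _flatten(d, prefix=""):
    out = {}
    for k, v in d.items():
        path = f"{prefix}{k}"
        if isinstance(v, dict):
            out.update(_flatten(v, path + "."))
        else:
            out[path] = v
    return out


def diff_configs(live, backup_json):
    """List (path, live_value, backup_value) for every setting that drifted."""
    a, b = _flatten(live), _flatten(json.loads(backup_json))
    return sorted((p, a.get(p), b.get(p)) for p in set(a) | set(b) if a.get(p) != b.get(p))


def restore_config(live, backup_json):
    """Reset an existing switch to the backup while keeping its identity."""
    restored = json.loads(backup_json)
    for key in IDENTITY_KEYS:
        if key in live:
            restored[key] = live[key]
    return restored


def import_config(backup_json, new_name, new_uuid):
    """Create a new switch from the backup, for example on another vCenter Server:
    new identity, no host membership carried over."""
    new = json.loads(backup_json)
    new["name"], new["uuid"], new["hosts"] = new_name, new_uuid, []
    return new


if __name__ == "__main__":
    backup = export_config(sample_switch())
    drifted = sample_switch()
    drifted["mtu"] = 1500
    print(config_digest(backup)[:16], diff_configs(drifted, backup))
```

Running the drift check before a restore turns "the configuration became corrupted" into a concrete list of changed paths, which is also what you would want in a change record.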
Rollback and Recovery of the Management Network
Rollback prevents the accidental misconfiguration and loss of
connectivity to vCenter Server by rolling back to the previous valid
management network configuration:
By default, rollback is enabled.

Rollback provides the following options to recover from management network misconfigurations:
Automatic rollback if misconfiguration is detected
Direct Console User Interface (DCUI) to recover the management network

Rollback Details
By rolling back configuration changes, vSphere protects hosts from
losing connection to vCenter Server due to misconfiguration of the
management network.
Updates that trigger a rollback:
Host-level rollback:
Triggered when there is a change in the host networking configurations, such as a
physical NIC speed change, change in MTU configuration, or change in IP settings.
Distributed switch-level rollback:
Occurs after the user updates distributed switch-related objects, such as port group or
distributed ports.

Enabling and Disabling Rollback
Rollback is enabled by default.
You can disable rollback by changing the vCenter Server
config.vpxd.network.rollback advanced setting to false.

Recovery Through the DCUI
If rollback is disabled, the DCUI provides an easy way for the user to connect directly to the host and fix the distributed switch properties.
DCUI recovery must be performed per host.

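The rollback behaviour of the preceding four slides as an added example (not the course's code): a host-level network change such as an MTU or IP setting is applied, connectivity to vCenter Server is verified, and the change is reverted automatically when verification fails; with rollback disabled (the config.vpxd.network.rollback setting) the change stays applied and a DCUI-style per-host step restores the last valid configuration. The connectivity probe is a constructed stand-in for the real check, and all addresses and settings are constructed.

```python
"""Model of management network rollback: apply, verify, revert on failure,
or recover through a DCUI-style restore. Settings and probe are constructed."""
from ipaddress import ip_interface


def vcenter_reachable(settings):
    """Stand-in for the real connectivity check: the management VMkernel
    interface must share a subnet with its gateway and not exceed the uplink MTU."""
    mgmt = ip_interface(f"{settings['mgmt_ip']}/{settings['mgmt_prefix']}")
    gateway = ip_interface(f"{settings['gateway']}/{settings['mgmt_prefix']}")
    return gateway.network == mgmt.network and settings["vmk_mtu"] <= settings["uplink_mtu"]


class HostNetwork:
    def __init__(self, settings, rollback_enabled=True):   # mirrors config.vpxd.network.rollback
        self.settings = dict(settings)
        self.last_valid = dict(settings)   # what DCUI recovery falls back to
        self.rollback_enabled = rollback_enabled
        self.log = []

    def apply(self, change, probe=vcenter_reachable):
        """Apply a host networking change transactionally. Returns "applied",
        "rolled_back", or "applied_unverified" (rollback disabled, host may be unreachable)."""
        previous = dict(self.settings)
        self.settings.update(change)
        if probe(self.settings):
            self.last_valid = dict(self.settings)
            self.log.append(("applied", change))
            return "applied"
        if self.rollback_enabled:
            self.settings = previous                  # automatic rollback
            self.log.append(("rolled_back", change))
            return "rolled_back"
        self.log.append(("applied_unverified", change))
        return "applied_unverified"

    def dcui_restore(self):
        """Console-side recovery, performed on this host only: reset to the last
        configuration known to reach vCenter Server. Returns whether it now does."""
        self.settings = dict(self.last_valid)
        return vcenter_reachable(self.settings)


BASELINE = {"mgmt_ip": "10.10.1.21", "mgmt_prefix": 24, "gateway": "10.10.1.1",
            "vmk_mtu": 1500, "uplink_mtu": 9000}   # constructed host settings

if __name__ == "__main__":
    host = HostNetwork(BASELINE)
    print(host.apply({"mgmt_ip": "10.20.5.21"}), host.settings["mgmt_ip"])
```

With rollback disabled the second host below accepts the bad management IP and loses its path to vCenter Server; nothing central can repair that, which is why DCUI recovery is a per-host task.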
Review of Learner Objectives
You should be able to meet the following objectives:
Review the benefits and functions of distributed switches
Describe types of discovery protocols
Describe port binding on distributed port groups
Describe how VMware vSphere Network I/O Control enhances performance
Describe traffic filtering and marking policy
Explain health check
Back up and restore a distributed switch configuration
Explain the automatic rollback and recovery of networking configurations

Lesson 2:
Distributed Switch Advanced Features

Learner Objectives
By the end of this lesson, you should be able to meet the following
objectives:
Describe how Link Aggregation Control Protocol (LACP) enhances availability
and performance
Explain how private VLANs work
Configure NetFlow on a distributed switch
Configure port mirroring on a distributed switch

LACP
LACP is a standards-based (802.3ad) link aggregation method that is
supported on distributed switches.
LACP has the following features:
Enables you to connect ESXi hosts to physical switches that use dynamic link
aggregation
Detects link failures and cabling mistakes
Automatically negotiates link aggregation properties between virtual and
physical switches
You use LACP to increase network bandwidth and redundancy.

Link Aggregation Group
LACP support is provided by using a link aggregation group (LAG).
You create a LAG on a distributed switch to aggregate the bandwidth of
physical NICs on ESXi hosts that are connected to LACP port channels.
The network traffic is load balanced between the LAG ports:
All load balancing algorithms of LACP are supported by the distributed switch.

You can use a LAG to handle traffic for a distributed port group by setting
the LAG as active in the group's teaming and failover order.
You can have multiple LAGs:
32 per ESXi host
64 per distributed switch

LAG Architecture
You configure the same number of ports for a LAG as the number of
ports on the LACP port channels on the physical switch.

Diagram: distributed port groups Production and Test on a distributed switch whose uplink port group contains LAG01 with two LAG ports (Uplink0 and Uplink1). On ESXi Host 1 and ESXi Host 2, each host's uplink port group maps LAG01 to Uplink Port 0 and Uplink Port 1, which connect to an LACP port channel on the physical switch.

Example of LACP Deployment with Two LAGs
This example shows a vSphere host deployment with four uplinks,
connected to two physical switches.

Diagram: on the ESXi host, one distributed port group is configured with active link LAG1 and the other with active link LAG2. Distributed switch configuration: LAG1 with 2 uplinks and load balancing algorithm Source IP; LAG2 with 2 uplinks and load balancing algorithm Destination IP. Physical switch 1 configuration: LAG1 on ports 1,2; physical switch 2 configuration: LAG2 on ports 1,2.

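An added example, not code from the course, showing how a LAG spreads flows over its member uplinks under the load balancing algorithms named in the deployment example (Source IP, Destination IP), why a flow always lands on the same member while membership is unchanged, what happens when a member link goes down, and the port-count check between a LAG and its LACP port channel. The hash is an illustrative choice for this example and not the hashing that ESXi or a physical switch implements; LAG names, uplink names and flows are constructed.

```python
"""LAG member selection under different load balancing algorithms, with link
failure handling. The hash function is illustrative; names are constructed."""
import hashlib

# Flow key used by each load balancing algorithm
ALGORITHMS = {
    "source_ip": lambda f: f["src_ip"],
    "destination_ip": lambda f: f["dst_ip"],
    "source_destination_ip": lambda f: f"{f['src_ip']}|{f['dst_ip']}",
    "source_destination_ip_port": lambda f: f"{f['src_ip']}:{f['src_port']}|{f['dst_ip']}:{f['dst_port']}",
}


class Lag:
    def __init__(self, name, uplinks, algorithm):
        if algorithm not in ALGORITHMS:
            raise ValueError(f"unknown load balancing algorithm {algorithm}")
        self.name, self.uplinks, self.algorithm = name, list(uplinks), algorithm
        self.down = set()    # member uplinks whose link is currently down

    def check_port_channel(self, port_channel_ports):
        """The LAG must have as many ports as the LACP port channel on the physical switch."""
        return len(self.uplinks) == len(port_channel_ports)

    def select_uplink(self, flow):
        """Deterministic member choice: same key, same active membership, same uplink."""
        active = [u for u in self.uplinks if u not in self.down]
        if not active:
            raise RuntimeError(f"{self.name}: no active LAG ports")
        key = ALGORITHMS[self.algorithm](flow).encode()
        h = int.from_bytes(hashlib.sha256(key).digest()[:4], "big")   # illustrative hash
        return active[h % len(active)]

    def distribute(self, flows):
        """Count how many of the given flows each member uplink would carry."""
        counts = {u: 0 for u in self.uplinks}
        for f in flows:
            counts[self.select_uplink(f)] += 1
        return counts


if __name__ == "__main__":
    lag1 = Lag("LAG1", ["Uplink0", "Uplink1"], "source_ip")
    flows = [{"src_ip": f"10.0.0.{i}", "dst_ip": f"10.0.1.{i}", "src_port": 40000 + i, "dst_port": 443}
             for i in range(1, 41)]
    print(lag1.distribute(flows))
    lag1.down.add("Uplink0")
    print(lag1.distribute(flows))
```

The point to take from the Source IP case is that every flow from one source shares an uplink, so a single busy virtual machine never exceeds one member's bandwidth even though the LAG has two; a LAG adds capacity across flows, not within one.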
VLAN Policies for Distributed Port Groups
VLANs divide a single broadcast domain into several logical broadcast
domains.
VLAN policies determine how VLANs function across your network
environment.
The following VLAN policies exist for distributed port groups:
None
VLAN
VLAN trunking
Private VLAN

Screenshot: Settings for the pg-Production Distributed Port Group

Private VLANs
A private VLAN divides an existing VLAN, called the primary VLAN, into
one or more separate VLANs, called secondary VLANs.
A secondary VLAN has the following characteristics:
Exists only in the primary VLAN
Shares the same IP network address
Is identified on the physical and distributed switches by a unique
VLAN ID
A private VLAN is an extension to the VLAN standard.
A private VLAN has the following benefits:
Enables you to isolate traffic between virtual machines that are in the same
VLAN
Provides additional security between virtual machines on the same subnet
without consuming more VLAN IDs

Types of Secondary Private VLANs
A private VLAN is identified by its primary VLAN ID. A primary VLAN ID
can have multiple secondary VLAN IDs associated with it.
The type of secondary private VLAN determines packet forwarding rules.
Three types of secondary private VLANs:
Promiscuous
Isolated
Community

Example of Primary and Secondary VLAN IDs

Primary   Secondary   Type
5         5           Promiscuous
5         155         Isolated
5         17          Community

Promiscuous Private VLANs
A node attached to a port in a promiscuous secondary private VLAN can send and receive packets to any node in any other secondary private VLAN associated with the same primary.
Routers are typically attached to promiscuous ports.

Diagram: VM 1 through VM 6 on the secondary private VLANs of primary VLAN 5 (5 promiscuous, 155 isolated, 17 community).

Isolated Private VLANs
A node attached to a port in an isolated secondary private VLAN can send packets to and receive packets from only the promiscuous private VLAN.
Only one isolated secondary private VLAN is permitted per primary.

Diagram: VM 1 through VM 6 on the secondary private VLANs of primary VLAN 5 (5 promiscuous, 155 isolated, 17 community).

Community Private VLANs
A node attached to a port in a community secondary private VLAN can send packets to and receive packets from other ports in the same secondary private VLAN, including ports in the promiscuous private VLAN.
Each virtual machine can send to and receive from different secondary private VLANs, for example, community and promiscuous.

Diagram: VM 1 through VM 6 on the secondary private VLANs of primary VLAN 5 (5 promiscuous, 155 isolated, 17 community).

Physical Switch Implementation of Private VLANs
Private VLANs are implemented the same way for physical or distributed switches:
Standard 802.1Q tagging.
No double encapsulation.
Physical switch software decides which ports to forward the frame to, based on the tag and the private VLAN tables.
For private VLANs, the VLAN ID is the secondary ID.

Primary   Secondary   Type
5         5           Promiscuous
5         155         Isolated
5         17          Community

Diagram: a distributed switch whose ports carry VLAN 5 (private VLAN 5, promiscuous), VLAN 155 (private VLAN 155, isolated), and VLAN 17 (private VLAN 17, community) to the physical switch.

Private VLANs and Physical Switches
The physical switch must be private VLAN-aware and configured
appropriately to enable the secondary private VLANs to reach their
destination.
A physical switch can be confused by the fact that each MAC address is
visible in more than one VLAN tag.
A physical switch must have a trunk port to the ESXi host and not be in a
secondary private VLAN.
Most private VLAN problems are caused by physical switches that are
configured incorrectly:
Compare the private VLAN map in the physical switch to the private VLAN
configuration in the distributed switch.

Example: Private VLAN-Aware Physical Switch
In this example, a virtual machine in a promiscuous private VLAN tries to exchange ARP information with a virtual machine in an isolated private VLAN.
The physical switch ports see the same MAC address through different VLAN tags. Private VLAN logic detects that the destination is isolated, so it acts as if the tag were 155.

Diagram: the ARP request leaves the promiscuous virtual machine untagged, crosses the distributed switch and the physical switch with tag 5, and reaches the isolated virtual machine untagged; the ARP reply returns with tag 155 and is delivered untagged to the promiscuous virtual machine.

Primary   Secondary   Type
5         5           Promiscuous
5         155         Isolated
5         17          Community

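An added example (not code from the course) that implements the forwarding rules of the promiscuous, isolated and community slides and the physical-switch decision of the two slides above: the frame carries the sender's secondary VLAN ID as its tag, and the switch's private VLAN table decides whether a port in the destination secondary VLAN may receive it. The private VLAN map is the one from the slides (primary 5; secondaries 5, 155 and 17); the assignment of VM 1 through VM 6 to ports is constructed.

```python
"""Private VLAN forwarding decisions from the private VLAN map: promiscuous,
isolated and community secondaries. Port assignments are constructed."""

PROMISCUOUS, ISOLATED, COMMUNITY = "promiscuous", "isolated", "community"


class PrivateVlan:
    def __init__(self, primary):
        self.primary = primary
        # The promiscuous secondary carries the same ID as the primary (5/5 on the slide).
        self.secondaries = {primary: PROMISCUOUS}

    def add_secondary(self, vlan_id, kind):
        if kind not in (ISOLATED, COMMUNITY):
            raise ValueError("only isolated or community secondaries can be added")
        if kind == ISOLATED and ISOLATED in self.secondaries.values():
            raise ValueError("only one isolated secondary VLAN is permitted per primary")
        if vlan_id in self.secondaries:
            raise ValueError(f"VLAN ID {vlan_id} is already in use in this private VLAN")
        self.secondaries[vlan_id] = kind

    def forwards(self, frame_tag, dst_secondary):
        """Decide, as the switch's private VLAN logic does, whether a frame tagged
        with the sender's secondary VLAN ID may reach a port in dst_secondary."""
        src_kind = self.secondaries.get(frame_tag)
        dst_kind = self.secondaries.get(dst_secondary)
        if src_kind is None or dst_kind is None:
            return False                         # tag unknown to the private VLAN map
        if PROMISCUOUS in (src_kind, dst_kind):
            return True                          # promiscuous talks to every secondary
        if src_kind == dst_kind == COMMUNITY:
            return frame_tag == dst_secondary    # same community only
        return False                             # isolated: nothing except promiscuous


def deliverable(pvlan, ports, src_port, dst_port):
    """ports: port name -> secondary VLAN ID of the node attached to that port.
    The frame leaves src_port tagged with that port's secondary VLAN ID."""
    return pvlan.forwards(ports[src_port], ports[dst_port])


# Private VLAN map from the slides, with constructed VM-to-secondary assignments.
PVLAN = PrivateVlan(5)
PVLAN.add_secondary(155, ISOLATED)
PVLAN.add_secondary(17, COMMUNITY)
PORTS = {"VM 1": 5, "VM 2": 5, "VM 3": 155, "VM 4": 155, "VM 5": 17, "VM 6": 17}

if __name__ == "__main__":
    for src, dst in (("VM 1", "VM 3"), ("VM 3", "VM 1"), ("VM 3", "VM 4"), ("VM 5", "VM 6")):
        print(f"{src} -> {dst}: {'forwarded' if deliverable(PVLAN, PORTS, src, dst) else 'blocked'}")
```

The ARP exchange from the example is the first two calls: the request tagged 5 reaches the isolated VM because its sender is promiscuous, and the reply tagged 155 reaches the promiscuous port because its receiver is. Two isolated VMs never see each other even though they share VLAN 155 and a subnet, which is the isolation the slide on benefits refers to.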
Configuring Private VLANs
You can configure the necessary private VLANs on the distributed switch
in order to assign distributed ports to participate in a private VLAN.

Assigning a Private VLAN to a Distributed Port Group
You can set the VLAN policy on a distributed port group to apply VLAN
tagging globally on all distributed ports.
In this example, you assign a private VLAN ID to the distributed port
group named pg-Production.

About NetFlow
NetFlow is a network analysis tool for monitoring the network and
viewing virtual machine traffic flowing through a distributed switch.
NetFlow can be used for profiling, intrusion detection and prevention,
networking forensics, and compliance.
The vSphere distributed switch supports IPFIX (NetFlow version 10).

Diagram: ESXi hosts with a distributed switch enabled for NetFlow send network flow data to a NetFlow collector.

Network Flows
A network flow is a unidirectional sequence of packets, with each packet sharing
a common set of properties.
NetFlow captures the following types of flows:
Internal flow: Represents intrahost virtual machine traffic
External flow: Represents interhost virtual machine traffic and physical
machine-to-virtual machine traffic
Flow records are sent to a NetFlow collector for analysis.
Diagram: internal flows between virtual machines on one ESXi host, and external flows between hosts and to a physical host; the distributed switch sends network flow records to the NetFlow collector.

Network Flow Analysis
Network flow data is sent to a third-party NetFlow collector, which
accepts and stores network flow records.
A NetFlow collector has the following features:
Includes a storage system for long-term storage of flow-based data:
You can investigate and isolate excessive network bandwidth utilization, bottlenecks, and unexpected application traffic.
You can view historical records to diagnose the cause of outages or breaches.
Mines, aggregates, and reports on the collected data:
You can analyze network traffic by rate, volume, and utilization.
You can analyze trends in virtual machine and host traffic.

Diagram: the distributed switch (VDS IP address 192.168.10.24) sends network flow records to the NetFlow collector (collector IP address 172.20.10.100).

Configuring NetFlow on a Distributed Switch
You configure NetFlow settings on a distributed switch.
After configuring NetFlow on the distributed switch, you enable or disable NetFlow on a distributed port group, a specific port, or at the uplink.

Screenshots: NetFlow settings on dvs-Lab; enabling NetFlow on a distributed port group.

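The flow model of the NetFlow slides as an added example, not code from the course or from VMware: packets seen on the switch are aggregated into unidirectional 5-tuple flows, classified as internal (both endpoints are virtual machines on the host) or external, encoded as an IPFIX (NetFlow version 10) message with a template set and a data set, and decoded again as a collector would. The information elements in the template are standard IANA IPFIX elements chosen for this example; the set of elements a vSphere distributed switch actually exports is not given on the page. Packets, addresses and the observation domain ID are constructed.

```python
"""Build unidirectional flow records from packets and exchange them as an
IPFIX (NetFlow v10) message: exporter side and collector side. Constructed data."""
import struct
from ipaddress import IPv4Address

IPFIX_VERSION = 10
TEMPLATE_SET_ID = 2
TEMPLATE_ID = 256            # first ID available for exporter-defined templates
# IANA IPFIX information elements used here: (element id, length) in record order
TEMPLATE = [(8, 4), (12, 4), (7, 2), (11, 2), (4, 1), (1, 8), (2, 8)]
NAMES = {8: "src_ip", 12: "dst_ip", 7: "src_port", 11: "dst_port",
         4: "protocol", 1: "octets", 2: "packets"}
RECORD_FMT = "!4s4sHHBQQ"    # 29 bytes, same order as TEMPLATE


def build_flows(packets, local_vms):
    """Aggregate packets into flows keyed by the 5-tuple (one direction each)
    and mark each flow internal (both ends are VMs on this host) or external."""
    flows = {}
    for p in packets:
        key = (p["src_ip"], p["dst_ip"], p["src_port"], p["dst_port"], p["protocol"])
        f = flows.setdefault(key, {"octets": 0, "packets": 0})
        f["octets"] += p["length"]
        f["packets"] += 1
    return [{"src_ip": s, "dst_ip": d, "src_port": sp, "dst_port": dp, "protocol": proto,
             "octets": f["octets"], "packets": f["packets"],
             "scope": "internal" if s in local_vms and d in local_vms else "external"}
            for (s, d, sp, dp, proto), f in flows.items()]


def encode_ipfix(records, domain_id, export_time, sequence):
    """Exporter side: one message carrying the template set and one data set."""
    tmpl = struct.pack("!HH", TEMPLATE_ID, len(TEMPLATE)) + b"".join(struct.pack("!HH", i, l) for i, l in TEMPLATE)
    template_set = struct.pack("!HH", TEMPLATE_SET_ID, 4 + len(tmpl)) + tmpl
    data = b"".join(struct.pack(RECORD_FMT, IPv4Address(r["src_ip"]).packed, IPv4Address(r["dst_ip"]).packed,
                                r["src_port"], r["dst_port"], r["protocol"], r["octets"], r["packets"])
                    for r in records)
    data_set = struct.pack("!HH", TEMPLATE_ID, 4 + len(data)) + data
    body = template_set + data_set
    header = struct.pack("!HHIII", IPFIX_VERSION, 16 + len(body), export_time, sequence, domain_id)
    return header + body


def decode_ipfix(message):
    """Collector side: learn templates from template sets, then decode data sets."""
    version, length, export_time, sequence, domain_id = struct.unpack_from("!HHIII", message, 0)
    if version != IPFIX_VERSION or length != len(message):
        raise ValueError("not a well-formed IPFIX message")
    templates, records, offset = {}, [], 16
    while offset + 4 <= length:
        set_id, set_len = struct.unpack_from("!HH", message, offset)
        body, offset = message[offset + 4:offset + set_len], offset + set_len
        if set_id == TEMPLATE_SET_ID:
            pos = 0
            while pos + 4 <= len(body):
                tid, count = struct.unpack_from("!HH", body, pos)
                templates[tid] = [struct.unpack_from("!HH", body, pos + 4 + 4 * i) for i in range(count)]
                pos += 4 + 4 * count
        elif set_id >= 256:
            fields = templates[set_id]          # KeyError: data set arrived before its template
            rec_len = sum(l for _, l in fields)
            for pos in range(0, len(body) - rec_len + 1, rec_len):
                rec, p = {}, pos
                for elem, l in fields:
                    raw = body[p:p + l]
                    p += l
                    rec[NAMES.get(elem, f"ie{elem}")] = (str(IPv4Address(raw)) if elem in (8, 12)
                                                         else int.from_bytes(raw, "big"))
                records.append(rec)
    return {"domain_id": domain_id, "export_time": export_time, "sequence": sequence, "records": records}


# Constructed packets: a VM-to-VM HTTPS exchange on the host and a DNS query to a physical host.
PACKETS = ([{"src_ip": "10.0.0.11", "dst_ip": "10.0.0.12", "src_port": 51000, "dst_port": 443, "protocol": 6, "length": n}
            for n in (74, 1514, 66)]
           + [{"src_ip": "10.0.0.11", "dst_ip": "172.16.0.5", "src_port": 40123, "dst_port": 53, "protocol": 17, "length": 80}
              for _ in range(2)])

if __name__ == "__main__":
    msg = encode_ipfix(build_flows(PACKETS, {"10.0.0.11", "10.0.0.12"}), 1, 1700000000, 1)
    print(len(msg), decode_ipfix(msg)["records"])
```

Flow records carry only headers and counters, never payload, which is what makes them cheap enough to keep for months and still sufficient to answer who talked to whom, when, and how much during an incident review.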
Port Mirroring
Port mirroring is a technology that duplicates network packets from a source to a destination.
Port mirroring has the following uses:
To assist in troubleshooting
As input for network analysis appliances
Many network switch vendors implement port mirroring in their products.
vSphere supports port mirroring using Remote Switch Port Analyzer and Encapsulated Remote Switch Port Analyzer.

Diagram: on a host's distributed switch, the traffic of VM A, VM B, and VM C on a source port is copied (mirrored traffic) to a destination port alongside the normal traffic.

Port Mirroring Session Types
You create a port mirroring session to mirror distributed switch traffic to
ports, uplinks, and remote IP addresses.
A port mirroring session is of a certain type.

General Properties of a Port Mirroring Session
Based on the port mirroring session type that you choose, you can configure one or more advanced properties.
For example, the following properties exist for a distributed port mirroring type session:
Allow normal I/O on destination ports.
Enable mirrored packet length (in bytes).
Specify rate at which packets are sampled.
Description.

Source and Destination in a Port Mirroring Session
A port mirroring session requires details about the source and the destination.
Source details include:
Traffic direction (ingress, egress)
One or more port IDs
Destination details include:
One or more port IDs
One or more uplinks
IP address

Diagram: a source port on the distributed switch whose ingress and egress traffic is mirrored to a destination port, in addition to the normal traffic through the uplinks.

Selecting the Source and the Destination
You provide source and destination information based on the port
mirroring session type that you select.

Session Type                          Source       Destination
Distributed Port Mirroring            dvPort       dvPort
Remote Mirroring Source               dvPort       Uplink
Remote Mirroring Destination          VLAN         dvPort
Encapsulated Remote Mirroring (L3)    dvPort       IP address
Distributed Port Mirroring (legacy)   IP address   dvPort

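An added example, not code from the course, that models a port mirroring session as the last four slides describe it: the source and destination kinds allowed for each session type (from the table above), direction filtering on the source, the sampling rate, the mirrored packet length, and whether a destination port may still carry normal I/O. The naming convention used to tell ports, uplinks, VLANs and IP addresses apart, and the session names, ports and packets, are constructed for the example.

```python
"""Port mirroring session model: per-type source/destination validation,
direction filter, sampling rate and packet length. Names are constructed."""
from dataclasses import dataclass, field
from ipaddress import ip_address
from typing import List, Optional

# Session type -> (source kind, destination kind), as in the table
SESSION_TYPES = {
    "distributed_port_mirroring": ("dvPort", "dvPort"),
    "remote_mirroring_source": ("dvPort", "uplink"),
    "remote_mirroring_destination": ("vlan", "dvPort"),
    "encapsulated_remote_mirroring_l3": ("dvPort", "ip"),
    "distributed_port_mirroring_legacy": ("ip", "dvPort"),
}


def _kind(value):
    """Naming convention of this example: 'dvPort-N', 'UplinkN', a VLAN number, or an IP."""
    if value.startswith("dvPort"):
        return "dvPort"
    if value.startswith("Uplink"):
        return "uplink"
    if value.isdigit():
        return "vlan"
    try:
        ip_address(value)
        return "ip"
    except ValueError:
        raise ValueError(f"cannot classify {value!r} as a source or destination")


@dataclass
class MirrorSession:
    name: str
    session_type: str
    sources: List[str]                  # dvPorts, VLAN IDs or IP addresses depending on the type
    destinations: List[str]
    direction: str = "both"             # "ingress", "egress" or "both", relative to the source
    sampling_rate: int = 1              # mirror one packet out of every N
    packet_length: Optional[int] = None  # truncate mirrored copies to this many bytes
    allow_normal_io: bool = False       # may destination ports also carry normal traffic?
    _seen: int = field(default=0, init=False)

    def validate(self):
        if self.session_type not in SESSION_TYPES:
            raise ValueError(f"unknown session type {self.session_type}")
        if self.sampling_rate < 1:
            raise ValueError("sampling rate must be at least 1")
        if self.direction not in ("ingress", "egress", "both"):
            raise ValueError(f"bad direction {self.direction}")
        src_kind, dst_kind = SESSION_TYPES[self.session_type]
        for v in self.sources:
            if _kind(v) != src_kind:
                raise ValueError(f"source {v} is not a {src_kind}")
        for v in self.destinations:
            if _kind(v) != dst_kind:
                raise ValueError(f"destination {v} is not a {dst_kind}")
        return src_kind, dst_kind

    def mirror(self, packet):
        """Return the mirrored copy of a packet, or None if it is not mirrored.
        packet: {"origin": source key, "direction": ..., "bytes": ...}"""
        if packet["origin"] not in self.sources:
            return None
        if self.direction != "both" and packet["direction"] != self.direction:
            return None
        self._seen += 1
        if self._seen % self.sampling_rate != 0:
            return None                            # skipped by sampling
        data = packet["bytes"] if self.packet_length is None else packet["bytes"][:self.packet_length]
        return {"destinations": list(self.destinations), "bytes": data,
                "truncated": len(data) < len(packet["bytes"])}

    def accepts_normal_traffic(self, port):
        """A destination port carries normal I/O only when the session allows it."""
        return port not in self.destinations or self.allow_normal_io


if __name__ == "__main__":
    s = MirrorSession("mirror-web", "distributed_port_mirroring", ["dvPort-10"], ["dvPort-99"],
                      direction="ingress", sampling_rate=2, packet_length=64)
    print(s.validate(), [s.mirror({"origin": "dvPort-10", "direction": "ingress", "bytes": bytes(1500)}) for _ in range(3)])
```

Truncating mirrored copies to the first 64 bytes keeps headers for analysis while leaving payload behind, and a sampling rate above 1 keeps a capture of a busy port from doubling the load on the destination; both are the properties the general-properties slide lists.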
Lab 4: Backing Up and Restoring vSphere Distributed Switches
Configure and use backup and restore operations on a vSphere distributed switch:
1. Back Up the Distributed Switch Configuration
2. Prepare to Capture Mirrored Network Traffic
3. Configure Port Mirroring on the Distributed Switch
4. Capture Traffic Using Port Mirroring
5. Restore the Distributed Switch Configuration

Review of Learner Objectives
You should be able to meet the following objectives:
Describe how Link Aggregation Control Protocol (LACP) enhances availability
and performance
Explain how private VLANs work
Configure NetFlow on a distributed switch
Configure port mirroring on a distributed switch

Key Points
A distributed switch provides functions that are similar to a standard switch. But
the distributed switch defines a single configuration that is shared across all
associated hosts.
Port binding determines when and how a virtual machine's vNIC is assigned to
a virtual switch port.
Network I/O Control version 3 allocates bandwidth to each type of system
traffic by using shares, reservations, and limits.
Distributed switch and distributed port group configurations can be backed up
and restored.
The use of LACP increases network bandwidth and redundancy.
A private VLAN segments a primary VLAN into secondary private VLANs.
Distributed switches support the use of network analysis and troubleshooting
tools, specifically, NetFlow and port mirroring.
Questions?
