VCAP6: 3.1 – Implement and Manage vSphere Standard Switch (VSS) Networks

Posted by on in | 2,025 Views | Leave a response

Objective 3.1 Topics:

  • Create and Manage vSS Components according to a deployment plan
  • VMkernel ports on standard switches
  • Advanced vSS Settings
  • Configure TCP/IP Stack on a Host
  • Create a Custom TCP/IP Stack
  • Configure and Analyze vSS Settings using Command Line Tools

Create and Manage vSS Components According to a Deployment Plan

TCP/IP Stacks at the VMkernel Level

Default TCP/IP Stack – Networking support for management traffic between vCenter and ESXi hosts, and for system traffic such as vMotion, IP storage, Fault Tolerance etc…

vMotion TCP/IP Stack – Supports the traffic for live migration of VM’s.

Provisioning TCP/IP Stack – Supports the traffic for virtual machine cold migration, cloning and snapshot creation. We can also use this stack for NFC (Network File Copy) traffic during long distance vMotion.

Custom TCP/IP Stack – Handle networking traffic of custom applications.

Securing System Traffic 

It’s important to secure system traffic to prevent unauthorized access to the vSphere environment. For example, vMotion traffic should be isolated to only the hosts that are involved in the migration. Same principals hold true for IP storage (ESXi host to Storage).

System Traffic Types

A separate VMkernel adapter should be used for every traffic type, if possible. If using a distributed switch, dedicate a separate distributed port group for each kernel adapter.

Management Traffic – Configuration and management communication for ESXi hosts, vCenter Server, and host-to-host High Availability traffic.

vMotion Traffic – VMkernel adapter for vMotion is required both on the source and the target hosts. The VMkernel adapters for vMotion should handle only the vMotion traffic.

Provisioning Traffic – Traffic that is transferred for VM cold migrations, cloning and snapshot creation.

IP Storage Traffic/Discovery – Handles the connection for storage types that use standard TCP/IP networks and depend on the VMkernel networking. Such storage types are software iSCSI, depended hardware iSCSI, and NFS.

Fault Tolerance Traffic – Handles the data that is transferred from primary VM to secondary VM.

Replication Traffic – Handles outgoing replication data that ESXi uses to transfer data to the replication server.

Replication NFS Traffic – Handles the incoming replication data on the target replication site.

Virtual SAN Traffic – Every host that is apart of a vSAN cluster must have a VMkernel adapter to handle the vSAN traffic between hosts.

VMKernel Ports on a Standard Switch

Freshly installed cluster with Management, vMotion, iSCSI and NFS configured.

Management Network

manangement-net

vMotion Network

vmotion-net

iSCSI Network

Note the iSCSI port bindings. 1 to 1 for multi-pathing.

iscsi-net

NFS Network

nfs-net

Configure TCP/IP Stack on a Host

I’ve already created a stack for my vMotion traffic on a standard switch. This is what it looks like.

vmotion-stack

Create a Custom TCP/IP Stack

From the shell:

customstack311

New Stack Created:

customstack312

Configure and Analyze vSS Settings Using Command Line Tools

List all virtual switches and associated port groups:

cli311

List network policy settings:

cli312 cli313 cli314

 

 

Questions / Comments?

This site uses Akismet to reduce spam. Learn how your comment data is processed.