At the core of vSphere Networking are virtual switches. vSphere supports standard switches (VSS) and distributed switches (VDS). Each virtual switch has a preset number of ports and one or more port groups.
|
■
|
|
■
|
When virtual machines are connected to a virtual switch that is connected to an uplink adapter, each virtual machine can access the external network through that uplink. The adapter can be an uplink connected to a standard switch or a distributed uplink port connected to a distributed switch.
|
Virtual switches allow your ESXi host to migrate virtual machines with VMware vMotion and to use IP storage through VMkernel network interfaces.
|
■
|
Using vMotion, you can migrate running virtual machines with no downtime. You can enable vMotion with vicfg-vmknic --enable-vmotion. You cannot enable vMotion with ESXCLI.
|
|
■
|
IP storage refers to any form of storage that uses TCP/IP network communication as its foundation and includes iSCSI and NFS for ESXi. Because these storage types are network based, they can use the same VMkernel interface and port group.
|
The network services that the VMkernel provides (iSCSI, NFS, and vMotion) use a TCP/IP stack in the VMkernel. The VMkernel TCP/IP stack is also separate from the guest operating system’s network stack. Each of these stacks accesses various networks by attaching to one or more port groups on one or more virtual switches.
Networking with vSphere Standard Switches shows the relationship between the physical and virtual network elements. The numbers match those in the figure.
|
■
|
Associated with each ESXi host are one or more uplink adapters (1). Uplink adapters represent the physical switches the ESXi host uses to connect to the network. You can manage uplink adapters using the esxcli network nic or vicfg-nics vCLI command. See Managing Uplink Adapters.
|
|
■
|
Each uplink adapter is connected to a standard switch (2). You can manage a standard switch and associate it with uplink adapters by using the esxcli network vswitch or vicfg-vswitch vCLI command. See Setting Up Virtual Switches and Associating a Switch with a Network Interface.
|
|
■
|
Associated with the standard switch are port groups (3). Port group is a unique concept in the virtual environment. You can configure port groups to enforce policies that provide enhanced networking security, network segmentation, better performance, high availability, and traffic management. You can use the esxcli network vswitch standard portgroup or vicfg-vswitch command to associate a standard switch with a port group, and the esxcli network ip interface or vicfg-vmknic command to associate a port group with a VMkernel network interface.
|
|
■
|
The VMkernel TCP/IP networking stack supports iSCSI, NFS, and vMotion and has an associated VMkernel network interface. You configure VMkernel network interfaces with esxcli network ip interface or vicfg-vmknic. See Adding and Modifying VMkernel Network Interfaces. Separate VMkernel network interfaces are often used for separate tasks, for example, you might devote one VMkernel Network interface card to vMotion only. Virtual machines run their own systems’ TCP/IP stacks and connect to the VMkernel at the Ethernet level through virtual switches.
|
When you want to connect a virtual machine to the outside world, you can use a standard switch or a distributed switch. With a distributed switch, the virtual machine can maintain its network settings even if the virtual machine is migrated to a different host.
|
■
|
Each physical network adapter (1) on the host is paired with a distributed uplink port (2), which represents the uplink to the virtual machine. With distributed switches, the virtual machine no longer depends on the host’s physical uplink but on the (virtual) uplink port. You manage a uplink ports primarily using the vSphere Web Client, or vSphere APIs.
|
|
■
|
The distributed switch itself (3) functions as a single virtual switch across all associated hosts. Because the switch is not associated with a single host, virtual machines can maintain consistent network configuration as they migrate from one host to another.
|
Like a standard switch, each distributed switch is a network hub that virtual machines can use. A distributed switch can route traffic internally between virtual machines or link to an external network by connecting to physical network adapters. You create a distributed switch using the the vSphere Web Client UI, but can manage some aspects of a distributed switch with vicfg-vswitch. You can list distributed virtual switches with the esxcli network vswitch command. See Setting Up Virtual Switches and Associating a Switch with a Network Interface.