When you first implement server virtualization with VMware, vSphere network features and configuration are commonly
an afterthought. After all, vSphere networking is supposed to just "work" as designed. However, as your server virtualization infrastructure grows, you will be forced to learn the intricacies of vSphere networking.
5 important elements of vSphere networking
1. Standard Switches -- vSphere standard switches (vSwitches) work like physical switches but in a virtualized form. They are logically connected through their virtual ports to each of the virtual machines' virtual NICs. Typically, switches have physical adapter "uplinks" that connect them to the physical LAN.
2. Distributed Switches -- vSphere distributed switches (dvSwitches) are an option in vSphere Enterprise Plus. DvSwitches work as a single switch across all ESXi hosts, providing consistent network configurations, policies and statistics as VMs move from one host to another.
3. Port Groups -- A port group is made up of one or multiple vSwitch ports, and it defines how those ports connect through the switch to the network. Port group configurations include bandwidth limitations, VLAN tagging policies, security policies, and much more. Standard and distributed switches will have one or multiple port groups.
4. VLANs -- Just as in the physical network world, VLANs are commonly in use in the virtual network. VLANs enable a single physical LAN segment to be further segmented so that groups of ports are isolated from one another as if they were on physically different segments. This is done using the 802.1Q standard.
More on virtualization and vSphere networking
5. VMkernel interfaces -- Special network ports called VMkernel interfaces are what carry the vSphere NFS, iSCSI or vMotion traffic. These VMkernel interfaces are separate from the virtual machine port group traffic and should be ensured reliable bandwidth so they don't slow down other virtual machines in the infrastructure.
Understanding vSphere Networking Tools
1. vSphere client -- In order to manage vSphere networking, you'll spend most of your time in the vSphere client. That's where you will configure things like vSwitches, dvSwitches, port groups and physical uplinks on the host.
The vSphere client is a valuable tool for reporting on the utilization of network interfaces, such as the performance chart that you see below.
2. ESXi server Command Line Interface for vSphere networking -- At some point, vSphere admins will use the command line interface (CLI) to configure and troubleshoot networking. You could connect to the ESXi server directly using an SSH client (if you enabled the remote shell) like PuTTY. You could also go to the physical server console and perform the same commands if you enabled tech support mode. Common commands that you would perform would be things like esxcfg-nics, or use the esxcli command -- a "Swiss Army knife" that can do just about anything.
3. Windows PowerShell in vSphere -- Besides the built-in ESXi host command line, more and more vSphere admins are using PowerCLI, with Microsoft PowerShell to administer vSphere hosts because of its ability to perform mass-changes and automate common tasks in vSphere infrastructures. At a minimum, you will need VMware's free PowerCLI tool to use PowerCLI. VMware has a strong PowerClI community, where you can ask questions, get sample scripts and download the PowerCLI tool. An example of a PowerCLI command related to networking is the Get/Set-NetworkAdaptor cmdlet.
Most admins who are serious about PowerCLI take the next step and download PowerGUI, a free graphical interface for PowerCLI. To use with PowerGUI, there are "community powerpacks" that contain prebuilt scripts to run on your vSphere infrastructure -- many related to networking.
4. Third-party tools for vSphere networking -- What about tools not from VMware? Third parties have created numerous vSphere networking tools, both free and commercial. Many of these tools are general vSphere performance tools that, of course, include analysis of vSphere networking. Examples include:
Combining NetFlow and vCenter data
While there are a number of strong performance tools, my favorite is Xangati, which takes NetFlow data from virtual switches and combines it with vCenter performance data, presenting a unified view of what's happening in the virtual infrastructure. For example, while the vSphere client only shows you that you have high network utilization, Xangati will show you that the high network utilization is caused by network traffic on TCP1234 between VM1 and Backup Server2. Plus, you can slide back in time (as with a TV DVR) to see what was happening on the virtual network in the past. This type of virtual network troubleshooting and analysis tool is invaluable.
Both traditional network admins and VMware admins need to have a solid understanding of how the virtual network functions and how it works with the physical LAN. This will both ensure proper configuration and solve problems faster when there's a problem on the vNetwork. Admins should use a combination of vSphere knowledge, VMware networking tools (like the vSphere Client, CLI and PowerCLI), and third-party tools to configure and troubleshoot the virtual network.
About the author: David Davis is the author of the best-selling VMware vSphere video training library from Train Signal. He has written hundreds of virtualization articles on the Web and is a vExpert, VCP, VCAP-DCA, and CCIE #9369, with more than 18 years of enterprise IT experience. His personal website is VMwareVideos.com.