Virtual Switches-Distributed Switches (Part 2)
In my first blog on virtual switches, we learnt what virtual switches and port groups are, along with a brief introduction to the types of virtual switches.
In this blog we will discuss the distributed switch, which is another type of virtual switch.
Are you aware of the concepts called the control plane and the management plane? The control plane defines all functions and processes, whereas the management plane is used to control and monitor devices. With a distributed switch, the control plane remains with vCenter whereas the management plane remains with the ESXi hosts.
On a VDS we can create distributed port groups. Every distributed port group has access to all the uplinks associated with the VDS. Additionally, configuration settings and policies, such as the security and teaming values, are applied directly to a distributed port group.
What is a dvPortGroup?
As with standard switches, dvPortGroups on a VDS define how a connection is made through the VDS to the network. The VLAN ID, traffic shaping, port security, teaming and load balancing parameters can be defined for dvPortGroups.
After understanding the variety of traffic types inside the virtual infrastructure and identifying the specific security, reliability and performance requirements of each traffic type, the administrator can create unique dvPortGroups associated with each traffic type.
NetFlow: A VDS can also use NetFlow for network traffic analysis.
Port Mirroring: A port mirror clones all the traffic to a configured destination. There are two main use cases for this: monitoring and capture. Monitoring means knowing exactly what traffic is being sent from one specific device, while an example of capture is recording voice-over-IP (VoIP) traffic so that you have a recording of a phone call in your call center.
Private VLANs: These are VLANs created within a VLAN. A private VLAN is, put another way, a port isolation technique in networking where a VLAN consists of switch ports that are confined so that they can only communicate with a given "uplink". The restricted ports are called private ports.
Traffic Shaping: There are two terms related to traffic shaping: egress and ingress traffic.
Egress means traffic that would be sent from the VDS to a VM. Egress traffic shaping helps to control the amount of bandwidth available for multi-NIC vMotion traffic.
vCenter is the vehicle used to create, modify, and remove a VDS and its related virtual port groups.
LLDP (Link Layer Discovery Protocol):
This protocol allows a VDS to discover devices that are linked directly to it.
vSphere Switch API:
We can also use third-party virtual switches such as Nexus in ESXi (as a virtual appliance).
Network I/O Control:
NIOC is a way to control traffic in your network. Similar to the resource pools that are defined for VMs, we can also define network resource pools.
NIOC provides users with the following features:
- Isolation: NIOC ensures traffic isolation so that a given flow is never allowed to dominate the others, thus preventing drops and undesired jitter.
- Shares: Allow a flexible way of dividing capacity, helping users handle situations such as overcommitment when traffic flows aggressively.
- Limits: Enforce a traffic bandwidth limit on the overall set of dvUplinks.
- Load-Based Teaming: NIOC allows efficient use of a set of dvUplinks for networking capacity.
NIOC allows you to limit the bandwidth for different traffic types like:
We can also configure a share value, or even assign a quality of service (QoS) priority tag to each resource pool.
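An added example (not from the original post and not VMware code): a simplified model of how shares and limits divide one uplink's capacity when pools compete for it. The pool names, the numbers and the allocate function are assumptions made for illustration; the real NIOC scheduler is more involved.

```python
# Simplified model of NIOC shares and limits (illustrative, not VMware's scheduler).

def allocate(capacity_mbps, pools):
    """Split capacity by shares, honouring per-pool limits and demand.

    pools maps name -> (shares, limit_mbps or None, demand_mbps).
    Returns name -> allocated Mbps.
    """
    # A pool never receives more than it asks for, or more than its limit.
    ceiling = {
        name: demand if limit is None else min(demand, limit)
        for name, (_shares, limit, demand) in pools.items()
    }
    alloc = {name: 0.0 for name in pools}
    active = {name for name in pools if ceiling[name] > 0}
    remaining = float(capacity_mbps)

    while active and remaining > 1e-9:
        total_shares = sum(pools[name][0] for name in active)
        if total_shares == 0:
            break
        handed_out = 0.0
        done = set()
        for name in active:
            fair = remaining * pools[name][0] / total_shares
            give = min(fair, ceiling[name] - alloc[name])
            alloc[name] += give
            handed_out += give
            if ceiling[name] - alloc[name] <= 1e-9:
                done.add(name)
        remaining -= handed_out
        if not done:        # every pool took its full fair share: capacity used up
            break
        active -= done      # leftover is re-divided among pools that still want more
    return alloc

# Constructed sample: one 10 Gbit/s uplink under contention.
POOLS = {
    "vmotion": (50, None, 8000),
    "vm":      (100, None, 6000),
    "nfs":     (50, 1000, 3000),   # limit caps this pool at 1000 Mbps
}

if __name__ == "__main__":
    for name, mbps in allocate(10_000, POOLS).items():
        print(f"{name:8s} {mbps:7.0f} Mbps")
```

Shares only matter under contention: with ample capacity every pool simply gets its demand, still capped by its limit.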
Load Based Teaming:
This feature is supported by the distributed switch. It balances network traffic based on load, distributing traffic evenly among the available dvUplinks. It avoids situations where some dvUplinks are fully saturated while others are idle.
Port Group Setting:
Port groups are nothing but groups of ports. Port groups can be created on a virtual switch, and then we connect VMs to a port group. In the case of a distributed switch, we can assign policies on the vSwitch, on the port group, and on the port as well.
When you create a port group, you need to define the following port group settings.
Port Binding:
Port bindings are of three types:
Static, Dynamic and Ephemeral (no port binding)
Port allocation is either fixed or elastic.
If we create a port group with static port binding and a fixed port allocation of, let's say, 6, then only 6 VMs can be connected at a time and you cannot add more VMs to the port group. When a VM is connected to a port group with static binding, a port is assigned to the VM immediately. The port is disconnected when the VM is removed.
If you select static binding with elastic port allocation, ports will be added to the port group automatically as required.
With dynamic binding, a port is assigned to a VM when it is powered on and disconnected when it is powered off.
Create Network Resource Pool:
We can create network resource pools on a vSphere Distributed Switch to limit (assign) bandwidth for a set of virtual machines.
A network resource pool allows us to define a reservation quota for virtual machines. The quota represents an amount of bandwidth that can be reserved for virtual machine system traffic on the physical adapters (uplinks) connected to the distributed switch. The bandwidth reservations of the network adapters of the VMs associated with the pool should not exceed the quota limit.
Some Important Questions on Virtual Switches:
Q.1) What do the VDS versions mean?
When we create a distributed virtual switch, we are asked to select a version for the DVS. It defines the versions of ESXi servers on which we can deploy the DVS, and also the features supported by the switch. For example, version 6.5 can support ESXi servers 6.5 and later.
Q.2) How are policies inherited in the case of a VDS?
In the case of standard switches, policies can be applied on the switch and can sometimes be overridden by policies applied at the port group level. In the case of a DVS, policies can be applied at the port group level, and even at the port level to override policies that are inherited from the port group.
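An added example (not from the original post): a small model of the port group to port inheritance described above, used to find ports whose override accepts something the port group rejects. The three keys mirror the vSphere security policy settings (promiscuous mode, MAC address changes, forged transmits); the class, function names and sample data are assumptions constructed for illustration.

```python
# Model of dvPortGroup -> port policy inheritance (illustrative, not a vSphere API).
from dataclasses import dataclass, field

# Security policy settings; True means "Accept", False means "Reject".
SECURITY_KEYS = ("allow_promiscuous", "mac_changes", "forged_transmits")

@dataclass
class PortGroup:
    name: str
    vlan_id: int
    security: dict                                       # group-level policy
    port_overrides: dict = field(default_factory=dict)   # port key -> partial policy

def effective_policy(pg, port_key):
    """Port-level values win; anything not overridden is inherited from the group."""
    policy = dict(pg.security)
    policy.update(pg.port_overrides.get(port_key, {}))
    return policy

def loosened_ports(pg):
    """Return (port, setting) pairs where a port accepts what its group rejects."""
    findings = []
    for port_key in sorted(pg.port_overrides):
        eff = effective_policy(pg, port_key)
        for key in SECURITY_KEYS:
            if eff[key] and not pg.security[key]:
                findings.append((port_key, key))
    return findings

# Constructed sample data: one port group with two port-level overrides.
PG = PortGroup(
    name="dvpg-app-vlan20",
    vlan_id=20,
    security={"allow_promiscuous": False, "mac_changes": False,
              "forged_transmits": False},
    port_overrides={
        "12": {"allow_promiscuous": True},   # weaker than the group policy
        "15": {"mac_changes": False},        # redundant override, nothing changes
    },
)

if __name__ == "__main__":
    print("port 12:", effective_policy(PG, "12"))
    for port, setting in loosened_ports(PG):
        print(f"port {port}: {setting} is accepted, port group rejects it")
```

Reviewing only the port group settings would miss port 12 here, which is why per-port overrides belong in any audit of a distributed switch.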
Q.3) What is VLAN tagging? What are the VLAN tagging methods?
VLAN tagging is a method of assigning VLAN information to the frame.
There are three types of VLAN tagging methods available:
- Virtual Switch Tagging (VST):
Uses IEEE 802.1Q for tagging. Tagging is done by the DVS before packets leave the VDS. Port groups are assigned a VLAN ID.
- External Switch Tagging (EST):
All tagging is done on the physical switches and ESXi has no awareness of VLANs. Number of physical NICs = number of VLANs. The physical switch port that connects to the ESXi uplink should be an access port.
- Virtual Guest Tagging (VGT):
Tagging is performed by the virtual machine, which requires an 802.1Q driver to be installed in the guest OS.
© Copyright 2019 | Sevenmentor Pvt Ltd.