Traffic shaping is used to limit the amount of bandwidth that's available to virtual switch ports. NIOC is used to apply limits and to guarantee traffic to different virtual network service types.
Traffic shaping can be configured on vSwitches, vDSwitch uplinks, VMkernel interfaces, and PortGroups to restrict the network bandwidth available to the network ports on the virtual switch. Traffic shaping is applied at all times, regardless of the amount of network capacity available. This means that if traffic shaping is enabled and configured on a virtual switch or PortGroup to limit the peak bandwidth to 1,048,576 Kbps (1 Gbps), only 1,048,576 Kbps of bandwidth will be used, even if more bandwidth is available.
The following bandwidth characteristics can be applied to the traffic shaping policy:
- Average bandwidth: This is the permitted average load, measured in kilobits/sec (Kbps)
- Peak bandwidth: This is the maximum allowed load, measured in kilobits/sec (Kbps)
- Burst size: This is the maximum number of bytes, measured in kilobytes, that can be burst over the specified average bandwidth
The traffic shaping policies on a vSwitch only apply to egress or outbound traffic. vDSwitch traffic shaping policies can be configured for both ingress (inbound) and egress (outbound) traffic.
The following is a screenshot of the configuration screen for applying Traffic shaping to a virtual machine PortGroup on a standard virtual switch:
The following screenshot shows the Ingress traffic shaping and Egress traffic shaping settings that can be applied to a virtual machine PortGroup on a vDSwitch:
Unlike traffic shaping, Network I/O Control only provides control over the network bandwidth for specific network protocols during times of network contention. NIOC can only be enabled on vDSwitches.
Shares, limits, and reservations can be applied to network traffic types to limit and guarantee bandwidth to the different network traffic types, including the following:
- Management traffic
- vMotion traffic
- IP storage traffic (NFS/iSCSI)
- Virtual SAN traffic
- Fault Tolerance traffic
- vSphere replication traffic
- vSphere Data Protection backup traffic
- Virtual machine traffic
The System traffic screen in the vSphere Web Client provides information about the bandwidth capacity and the allocation of network resources across traffic types. The following screenshot illustrates the NIOC configurations of a vDSwitch:
Shares define the share of the available bandwidth on a physical NIC that's attached to the vDSwitch during a time of network bandwidth contention that a specific traffic type will receive. The Reservation is the Mbps guaranteed to a specific traffic type. The Limit is the Mbps limit that's applied to all hosts connected to the vDSwitch.
The percentage of bandwidth that a traffic type receives is based on the total number of shares available; for example, in the default configuration, the virtual machine traffic receives 100 shares of the 400 (50 + 50 + 50 + 50 + 100 + 50 + 50) shares available. The formula for this is as follows:
Shares Value / Total Available Shares = Percentage of Physical Network Bandwidth
Therefore, 100 / 400 = 25%
The amount of bandwidth that's available to vMotion would be calculated based on the 50 shares allocated to the vMotion traffic, as follows:
50 / 400 = 12.5%
Network Resource Pools can be created to allocate virtual machine traffic reservations across distributed PortGroups. For example, if 100 Mbps is reserved for virtual machine traffic, this reservation can be applied across different PortGroups. In the following screenshot, a New Network Resource Pool is created, allocating 90 Mbps of the 100 Mbps reservation to a pool named CriticalVMs:
Notice that the Reservation quota is the bandwidth that the Network Resource Pool will be guaranteed out of the overall reservation. The Reservation quota cannot be set to a value higher than the total reservation that's allocated to virtual machine traffic.
The Network resource pool is then assigned to a PortGroup on the virtual distributed switch, as shown in the following screenshot:
This allocates the reservation from the CriticalVMs network resource pool to the DPortGroup port group.