Chapter 5. Configuring vSphere Distributed Switches
This chapter covers the following subjects:
vSphere Distributed Switch Capabilities
Creating/Deleting a vSphere Distributed Switch
Adding/Removing ESXi Hosts from a vSphere Distributed Switch
Adding/Configuring/Removing dvPort Groups
Adding/Removing Uplink Adapters to dvUplink Groups
Configuring vSphere Distributed Switch General and dvPort Group Settings
Creating/Configuring/Removing Virtual Adapters
Migrating Virtual Adapters to/from a vSphere Standard Switch
Migrating Virtual Machines to/from a vSphere Standard Switch
Configuring LACP on Uplink Port Groups
Determining Use Cases for a vSphere Distributed Switch
Now that you understand what a virtual switch does and that consistency of configuration is a key component, what if I were to tell you that there is a way to guarantee consistency by associating a virtual switch to more than one host at the same time? That’s what a vDS does.
A vDS is the same as a vSS in many ways, except that it can be connected to more than one host at the same time, which makes a radical difference. I know what you’re thinking: “Is it similar to a vSS or radically different?” Well, in a word, “Yes.” It’s similar in that it uses the same types of connections (namely, VMkernel ports and VM port groups). It’s also similar in that the point at which the virtual world meets the physical world is an important thing to know and understand. However, it’s radically different because it is managed centrally in the vCenter and can be connected to multiple hosts at the same time. In fact, a single vSphere 6.0 vDS can be connected to as many as 1,000 hosts. Because of this difference, vDSs come with a whole new set of terms to understand.
In this section, I discuss the capabilities of a vDS, along with creating and deleting a vDS and adding and removing ESXi hosts. In addition, this section covers adding, configuring, and removing dvPort groups and dvUplinks (new terms in vDSs). A vDS also has virtual adapters just like a vSS, except that they can be connected to more than one host. You learn about creating, configuring, migrating, and removing virtual adapters, as well as migrating VMs to and from a vDS. In addition, you learn how to determine a use case for a vSphere distributed switch.
“Do I Know This Already?” Quiz
The “Do I Know This Already?” quiz allows you to assess whether you should read this entire chapter or simply jump to the “Exam Preparation Tasks” section for review. If you are in doubt, read the entire chapter. Table 5-1 outlines the major headings in this chapter and the corresponding “Do I Know This Already?” quiz questions. You can find the answers in Appendix A, “Answers to the ‘Do I Know This Already?’ Quizzes and Chapter Review Questions.”
1. Which view should you be in to create a new vDS?
a. Hosts and Clusters
b. Networking
c. VMs and Templates
d. You can create a vDS in any view.
2. What is the minimum number of hosts that you can connect to a vSphere 6.0 vDS?
a. 500
b. 10
c. 1,000
d. 1
3. Which is the maximum number of hosts that can be added to a single vDS?
a. 1,000
b. 50
c. 10,000
d. There is no limit.
4. Which of the following is a capability of a vDS but not of a vSS?
a. Outbound traffic shaping
b. Ingress traffic shaping
c. VLAN segmentation
d. NIC teaming
5. What is the maximum number of uplinks that you can configure for each LAG on a vDS?
a. 10
b. 100
c. 24
d. 32
6. What is the minimum level of licensing required to support a vDS?
a. Enterprise
b. Enterprise Plus
c. Standard
d. Essentials Plus
7. Which of the following is not a part of the configuration of a VMkernel port?
a. IP address
b. Subnet mask
c. Default gateway
d. DNS address
8. What is the minimum number of ports that you can have on a LAG on a vSphere 6.0 vDS?
a. 1
b. 2
c. 32
d. 10
9. Which of the following are valid methods to migrate multiple VMs from a vSS onto a vDS? (Choose two.)
a. Change the vnic setting for each VM.
b. Use the Migrate Virtual Machine Wizard.
c. Storage vMotion
d. DRS
10. Which of the following can be configured on vDS, but not on a vSS? (Choose two.)
a. Inbound traffic shaping
b. Outbound traffic shaping
c. Private VLANs
d. NIC teaming
Foundation Topics
vSphere Distributed Switch Capabilities
It’s likely that you want to know what vDSs can do that vSSs cannot do. In other words, “Why should I consider using one instead of the other?” In fact, a large list of features are specific to a vDS, but to really understand them, you need to see what they both can do and then what only the vDS can do. Table 5-2 illustrates the features that are common between vSSs and vDSs and then those that are unique to vDSs.
The following briefly describes each of the features available on a vDS that are not available on a vSS:
Inbound traffic shaping: A port group setting that can throttle the aggregate bandwidth inbound to the switch. This might be useful for a port group containing VMs that are being used as web servers.
VM network port block: Specific ports can be configured as “blocked” for a specified VM’s use. This might be helpful for troubleshooting or for advanced configurations.
Private VLANs: This is a vSphere implementation of a VLAN standard that is available on the latest physical switches. With regard to vSphere, private virtual local-area networks (PVLANs) can be created in the vSphere that are used only in the vSphere and not on your external network. In essence, a PVLAN is a VLAN within a VLAN. In addition, the PVLANs in your vSphere can be kept from seeing each other. Chapter 6, “Configuring vSS and vDS Features,” covers PVLANs in greater depth.
Load-based teaming: You can configure network load balancing in a much more intelligent fashion than with vSSs by enabling the system to recognize the current load on each link before making frame forwarding decisions. This could be useful if the loads that are on each link vary considerably over time.
Data-center-level management: A vDS is managed from the vCenter as a single switch from the control plane, even though many hosts are connected to each other at the I/O plane. This provides a centralized control mechanism and guarantees consistency of configuration.
Network vMotion: Because a port group that is on a vDS is connected to multiple hosts, a VM can migrate from one host to another without changing port groups. The positive effect of this is that the attributes assigned to the port group (such as security, traffic shaping, and NIC teaming) migrate as well.
vSphere switch APIs: Third-party switches have been and are being created that can be installed in the control plane. On switches such as the Cisco Nexus 1000v, the true essence of the switch is installed into the vCenter as a virtual appliance (VA).
Per-port policy settings: Most of the configuration on a vDS is at the port group level, but it can be overridden at the individual port level. This allows you tremendous flexibility with regard to port settings such as security, traffic shaping, and so on.
Port state monitoring: Each port on vDS can be managed and monitored independently of all other ports. This means that you can quickly identify an issue that relates to a specific port.
Link Layer Discovery Protocol: Similar to Cisco Discovery Protocol (CDP), Link Layer Discovery Protocol (LLDP) enables vDSs to discover other devices, such as switches and routers, that are directly connected to them. The advantage of LLDP is that it is an open protocol that is not proprietary to Cisco.
User-defined network I/O control: You can set up a quality of service (QoS) (of a sort), but instead of defining traffic paths by protocols, you can define the traffic paths by types of VMware traffic. In earlier versions of vDSs, you could define traffic as vMotion, Management, and others, but now you can define your own categories. This adds to flexibility in network control and design.
NetFlow: You can use the standard for traffic monitoring, NetFlow, to monitor, analyze, and log traffic flows in your vSphere. This enables you to easily monitor virtual network flows with the same tools that you use to monitor traffic flows in the physical network. Your vDS can forward NetFlow information to a monitoring machine in your external network.
Port mirroring: Most commonly used with intrusion detection systems (IDSs) and intrusion prevention systems (IPSs), port mirroring provides for a copy of a packet to be sent to a monitoring station so that traffic flows can be monitored without the IPS/IDS skewing the data. Port mirroring is new to vSphere 5.x and later vDSs.
Backup, Restore, Import, Export Configuration: You can back up a configuration of a vDS so that it can easily be restored later or even exported from one vDS and imported onto another one. This saves time and increases network flexibility.
LACP: Link Aggregation Control Protocol (LACP) allows for the combining of multiple physical links into one logical link for the purposes of fault tolerance and load balancing.
Creating/Deleting a vSphere Distributed Switch
The first thing to consider if you want to create a vDS is your license level, because, for the most part, they can be created only with an Enterprise Plus license. You probably could create them with the 60-day evaluation license, but you would then need to purchase an Enterprise Plus license before the evaluation period expires; otherwise, your switch would cease to function. You also must consider the level of hosts that you have in the data center onto which you are adding the switch, because this will impact the version of the switch that you create. So, to begin to create a new vDS, follow the steps outlined in Activity 5-1.
Note
In the first quarter of 2016, VMware allowed that a vSphere Distributed Switch could be created and used with a Standard license and an accompanying NSX license. (See Knowledge Base Article 2135310.) This is an exception to the rule; assume for test purposes that an Enterprise Plus license is required to support a vSphere Distributed Switch, unless you are specifically given information regarding NSX.
Activity 5-1 Creating a New vSphere Distributed Switch
1. Log on to your vSphere Web Client.
2. Select Home and then Networking.
3. Right-click your data center and select Distributed Switch, and then New Distributed Switch as shown in Figure 5-1.
4. Type the name for your new vDS, as shown in Figure 5-2. Click Next.
5. Select the version for your new vDS, as shown in Figure 5-3. You should select a version that is compatible with the hosts that will be connected to this switch. Click Next.
6. From Edit settings, choose the number of uplinks that you will allow on this switch. (The default is four, but this number can be changed later if needed.) Then choose whether to create a default port group and, if so, what to name it. Finally, choose whether to enable Network I/O control on this switch, as shown in Figure 5-4. Click Next.
7. On the Ready to Complete page, review your configuration settings, as shown in Figure 5-5, and click Finish.
Deleting a vDS
You might assume that deleting a vDS would just be a matter of right-clicking it and selecting to remove it. This is almost true. However, you first need to remove the hosts and the port groups from the vDS. Then you can right-click it and select to remove it. The next two sections cover (among other topics) removing hosts and port groups from a vDS. When you know how to do that, deleting the vDS is as simple as right-clicking and selecting Remove from Inventory under All vCenter Actions.
Adding/Removing ESXi Hosts from a vSphere Distributed Switch
You can add hosts to a vDS after you have created it. In the following activities, you first see how to add a host to an existing vDS, and then you learn how to remove a host from an existing vDS.
To add a host to an existing vDS, follow the steps outlined in Activity 5-2.
Activity 5-2 Adding a Host to a vSphere Distributed Switch
1. Log on to your vSphere Web Client.
2. Select Home and then Networking.
3. Right-click the vDS on which you want to add a host, and click Add and Manage Hosts, as shown in Figure 5-6.
4. Select Add Hosts, as shown in Figure 5-7. Click Next.
5. Click the New Hosts link + and choose from the list of hosts that are compatible with the vDS, as shown in Figure 5-8. Click OK, and then click Next. Click Next again.
6. Select to perform any additional network adapter tasks, such as managing physical adapters, managing virtual adapters, migrating virtual machine networking, or even managing advanced legacy host settings, as shown in Figure 5-9. Click Next.
7. If you have chosen to manage physical adapters, select an unclaimed adapter for your switch or take one from a switch that you are not using, click a vmnic, and then the Assign Uplink link to assign the adapter, as shown in Figure 5-10. You should be very careful here, but the system will alert you to any negative impact before completing the task. Click Next.
8. The Analyze impact screen shown in Figure 5-11 will show you any potential issues caused by your configuration changes. (Note that I only added one host for now, but I will create a vDS with more hosts later.) Click Next.
9. On the Ready to Complete page, review your configuration and click Finish.
To remove a host from an existing vDS, follow the steps outlined in Activity 5-3.
Activity 5-3 Removing a Host from a vSphere Distributed Switch
1. Log on to your vSphere Web Client.
2. Select Home and then Networking.
3. Right-click the vDS on which you want to remove a host, and then click Add and Manage Hosts.
4. Click Remove Hosts and then click Next, as shown in Figure 5-12.
5. Click the Attached Hosts link and then identify the host that you want to remove, as shown in Figure 5-13. Click OK, and then click Next.
6. On the Ready to Complete page, confirm that the number of hosts that you are removing is correct and click Finish. (I will leave this host in place, because I’m not done yet.)
Adding/Configuring/Removing dvPort Groups
As you might remember, port groups allow you to get more than one set of attributes out of the same switch. This is especially true with vDS port groups. The port groups that you create on a vDS are connected to all the hosts to which the vDS is connected; hence, they are called distributed virtual port groups (dvPort groups). Because a vSphere 6.0 vDS can be connected to up to 1,000 hosts, the dvPort groups can become very large and powerful. After you create port groups on a vDS, you can migrate your VMs to the dvPort groups. In the following activities, you learn how to add, configure, and remove dvPort groups on vDSs.
To add a port group to a vDS, follow the steps outlined in Activity 5-4.
Activity 5-4 Adding a Port Group to a vSphere Distributed Switch
1. Log on to your vSphere Web Client.
2. Select Home and then Networking.
3. Right-click the vDS on which you want to add the port group and select Distributed Port Group and then New Distributed Port Group, as shown in Figure 5-14.
4. Type a name for your new port group that will help you identify the types of VMs that you place on that port group, as shown in Figure 5-15. Click Next.
5. Configure the settings for your port group, such as port binding, port allocation, VLAN type, and number of ports (these are discussed in detail later in this chapter), as shown in Figure 5-16. Click Next.
6. On the Ready to Complete page, confirm your selections by clicking Finish.
The next major section discusses configuring port groups in great detail and covers configuring vSS and vDS policies. For now, I will just point out the steps involved in accessing the area in which you can configure the policies of port groups on vDSs. To begin to configure a port group on a vDS, follow the steps outlined in Activity 5-5.
Activity 5-5 Configuring Port Groups on a vSphere Distributed Switch
1. Log on to your vSphere Web Client.
2. Select Home and then Networking.
3. Expand on the vDS on which you want to configure the port group, right-click the port group that you want to configure, and select Edit Settings, as shown in Figure 5-17.
Over time, your networking needs will change, and you might decide to reorganize by removing some port groups. Take care not to “orphan” the VMs by removing the port group while they are still assigned to it. Instead, carefully consider your options and simply migrate the VMs to another port group as part of your plan. Your options with regard to vSS and vDS policies are covered in Chapter 6. For now, I’ll just point out how you would go about removing a port group that you no longer need.
To remove a port group that you no longer are using, follow the steps outlined in Activity 5-6.
Activity 5-6 Removing a Port Group from a vSphere Distributed Switch
1. Log on to your vSphere Web Client.
2. Select Home and then Networking.
3. Click the vDS on which you want to remove the port group and expand it so that you can see the dvPort groups. Migrate any vnics of VMs off of the port group.
4. Right-click the port group that you want to remove and select Delete, as shown in Figure 5-18.
5. Confirm your selection by clicking Yes.
Adding/Removing Uplink Adapters to dvUplink Groups
As shown in Figure 5-19, dvUplink groups connect your vDS to the hidden switches that are contained in your hosts and then from there to the physical world. This allows you to control networking at the control plane on the vDS while the actual input/output (I/O) is still passing from host to host at the I/O plane. Each host keeps its own network configuration in its hidden switch that is created when you add a host to a vDS. This ensures that the network will continue to function, even if your vCenter fails or is not available.
That’s a lot of terminology all at once, but as you might remember, I said that one of the main things to understand was where the virtual meets the physical. You should know that the dvUplink groups are virtual, but the uplink adapters lead to physical adapters. Connecting multiple uplink adapters to a dvUplink group opens up the possibilities of load balancing and fault tolerance, which are discussed in Chapter 6. For now, I will show you how to add and remove uplink adapters.
To add uplink adapters to a dvUplink group, follow the steps outlined in Activity 5-7.
Activity 5-7 Adding an Uplink Adapter to a dvUplink Group
1. Log on to your vSphere Web Client.
2. Select Home and then Hosts and Clusters.
3. Select the host on which you want to configure an uplink and then select the Add Host Networking link.
4. On the Select Connection Type screen, select Physical Network Adapter, as shown in Figure 5-20.
5. Click Browse, select the vDS to which you want to configure the host uplink, and click OK, as shown in Figure 5-21. Click Next.
6. Click the uplink and then on the Add Adapter + link and choose the adapter to add, as shown in Figure 5-22. Click Next.
7. Choose an available vmnic and the uplink to which you will assign it, as shown in Figure 5-23. Click Next.
8. On the Ready to Complete page, verify your settings, and click Finish.
When you reorganize, you might want to remove an uplink from a dvUplink group. Activity 5-8 outlines the process to remove the uplink.
Activity 5-8 Removing an Uplink Adapter from a dvUplink Group
1. Log on to your vSphere Web Client.
2. Select Home and then Hosts and Clusters.
3. Select the host on which you want to configure, click Manage and then Networking, and in the blue area below, click Virtual Switches.
4. Select the vDS from which you want to remove the adapter, and click the Manage the Physical Network Adapters Connected to the Selected Switch link, as shown in Figure 5-24.
5. Choose the vmnic that you want to remove, and then click the Remove Selected Adapters link (the red X), as shown in Figure 5-25.
6. Click OK to close the window.
Creating/Configuring/Removing Virtual Adapters
Prior to vSphere 5.0 and ESXi 5.0, virtual adapters on vDSs included service console ports as well as VMkernel ports. In fact, if you are still using legacy ESX hosts in your virtual data center, you must take into account that they will require a service console port on either a vSS or a vDS, for the purpose of connecting to and managing the switch from the physical world. Because ESXi 5.0 and later hosts do not have service consoles, they also do not have service console ports, so with regard to this topic, I will limit the discussion of virtual adapters to VMkernel ports. This section covers creating, configuring, and removing virtual adapters.
As you might remember, you create VMkernel ports for one of six main reasons: IP storage, management, vMotion, VSAN, vSphere Replication, or FT logging. There is only one VMkernel on the ESXi host, which is the hypervisor, but there can be many VMkernel ports. To create a new VMkernel port on a vDS, you create and configure a VMkernel virtual adapter.
To create a virtual adapter, follow the steps outlined in Activity 5-9.
Activity 5-9 Creating a Virtual Adapter
1. Log on to your vSphere Web Client.
2. Select Home and then Hosts and Clusters.
3. Select the host on which you want to configure a virtual adapter and click Manage and then Networking.
4. Click the Add Host Networking link, and then click VMkernel Network Adapter, as shown in Figure 5-26. Click Next.
5. On the Add Networking screen, select Select an Existing Network, click Browse, and then select the vDS and port group on which you want to add the VMkernel port, as shown in Figure 5-27. Click OK, and then click Next.
6. Configure the port properties, such as IP Settings and Available Services, as desired, as shown in Figure 5-28. Click Next.
7. Configure the IP address or allow one to be configured by DHCP, as shown in Figure 5-29. Click Next.
8. On the Ready to Complete page, review your settings and click Finish.
After you finish configuring it, you can check the setting of your virtual adapter by coming back to VMkernel Adapters for the host, as shown in Figure 5-30. To make changes to those configuration settings, you can select the Edit Settings link that looks like a pencil and edit the properties of the virtual adapter.
To configure a virtual adapter, follow the steps outlined in Activity 5-10.
Activity 5-10 Configuring a Virtual Adapter
1. Log on to your vSphere Web Client.
2. Select Home and then Hosts and Clusters.
3. Select the host on which you want to configure a virtual adapter and then select Manage and then Networking.
4. In the blue area below, select VMkernel Adapters.
5. Click the adapter on which you want to edit settings, and click the Edit Settings link that looks like a pencil, as shown in Figure 5-31.
6. Edit settings as desired, including vmnics, IP Addressing, TCP/IP Stacks, and Available Services. You will also be able to confirm the impact of your changes before you commit to them. Finally, you can view and confirm the results of your changes in the VMkernel Adapters section when you finish; as shown in Figure 5-32.
7. Click OK to confirm and save all your changes.
When things change and you no longer need the service that the VMkernel port was providing, you can free up the vmnic by removing it from the virtual adapter.
To remove a vmnic from a VMkernel adapter, follow the steps outlined in Activity 5-11.
Activity 5-11 Removing a VMkernel Adapter
1. Log on to your vSphere Web Client.
2. Select Home and then Hosts and Clusters.
3. Select the host on which you want to remove a virtual adapter and then select VMkernel Adapters.
4. Select the VMkernel adapter that you want to remove, and then click the Remove Selected Network Adapter link (the red X), as shown in Figure 5-33.
5. Click Analyze Impact to be sure that you are not disconnecting a currently used adapter, or click OK when you are sure that you want to remove the adapter, as shown in Figure 5-34.
Migrating Virtual Adapters to/from a vSphere Standard Switch
You do not necessarily have to migrate virtual adapters from your vSSs to your vDSs, but you might want to, especially if your ultimate goal is to do away with the vSS altogether. In that case, make sure that all the VMkernel ports that you have been using on your vSSs are successfully migrated to your vDSs. This section shows how you can use the tools provided by the vCenter to easily migrate VMkernel ports from vSSs to vDSs.
To migrate virtual adapters from a vSS to a vDS, follow the steps outlined in Activity 5-12.
Activity 5-12 Migrating Virtual Adapters from a vSS to a vDS
1. Log on to your vSphere Web Client.
2. Select Home and then Hosts and Clusters.
3. Select the host on which you want to migrate a virtual adapter and click Manage and then Networking.
4. In the blue area below, select Virtual Switches, and then select the switch to which you want to migrate the virtual adapter.
5. Click the Migrate Physical or Virtual Adapters to This Distributed Switch link and then choose Manage VMkernel Adapters, as shown in Figure 5-35. Click Next.
6. Click the VMkernel port that you want to migrate, and then click Assign Port Group, as shown in Figure 5-36. Click Next.
7. Select the destination dvPort group on the vDS to which you want to migrate the VMkernel port, as shown in Figure 5-37. Click OK, and then click Next.
8. Verify that there is no negative impact. Click Next.
9. On the Ready to Complete page, review your settings and then confirm by clicking Finish.
Migrating Virtual Machines to/from a vSphere Standard Switch
As you learned earlier, the purpose of port groups is to get more than one function from a switch. In other words, port groups give you options on which to connect your VMs. You can configure different policies on port groups that are specific to the VMs that you will connect to them. In this regard, port groups on vDSs are no different from those on vSSs; they both give you more options for your VMs.
To help you understand the concept of migrating the VMs from a vSS to a vDS, suppose for a moment that the switches are physical. You walk into your network closet and you have some switches that have been there for years. They are old and noisy, and they have a limited set of features compared to new switches available today. As luck would have it, you received some money in the budget to buy a shiny new switch that has lots of features that the old noisy switches do not have. You have racked the switch and powered it up for testing, and you are now ready to start moving the cables that the computers are using from the old switch to the new switch.
In essence, this is the opportunity that you have when you create a new vDS. You can take advantage of all the new features of vDS, but only after you have moved the VMs over to the vDS. You could do this one at time, much like you would be forced to do in the physical world, but there are tools in vSphere that make it much faster and easier to move multiple VMs at the same time. In this section, you learn how you would move an individual VM from a vSS to a vDS, or vice versa, and then you learn how to use the tools provided by vSphere to move multiple VMs at the same time. In both cases, the focus will be on the VM port group, which you might remember is one of the connection types that are very important.
To migrate a single VM to/from a vDS, follow the steps outlined in Activity 5-13.
Activity 5-13 Migrating a Single VM to/from a vDS
1. Log on to your vSphere Web Client.
2. Select Home and then Hosts and Clusters.
3. Right-click the VM that you want to migrate and select Edit Settings, as shown in Figure 5-38.
4. Choose the network adapter that you want to migrate and the Network label (port group) to which you want to migrate it and ensure the Connected box is checked, as shown in Figure 5-39.
5. Click OK to confirm and save your settings.
6. If the port group is on a different IP subnet, you might need to release and renew the IP address of the VM or restart the OS.
If you have only a few VMs to move, this might be an attractive option for you and your organization. However, if you have many VMs to move, you might want a better way that will allow you to move many VMs at once.
To migrate multiple VMs from one port group to another simultaneously, follow the steps outlined in Activity 5-14.
Activity 5-14 Migrating Multiple VMs Using vSphere
1. Log on to your vSphere Web Client.
2. Select Home and then Networking.
3. Right-click the vDS to which you want to migrate VMs, and choose Migrate VM to Another Network, as shown in Figure 5-40.
4. Browse to select the source and destination networks, as shown in Figure 5-41. You can also select No Network to pick up the VMs that are not connected to any network. Click Next.
5. Choose the VMs that you want to migrate from the results of the search, as shown in Figure 5-42. Click Next.
6. On the Ready to Complete page, review your choices and then confirm by clicking Finish, as shown in Figure 5-43.
Configuring LACP on Uplink Port Groups
As previously discussed, you can have more than one vmnic configured for a port group to provide for load balancing and fault tolerance. The options discussed thus far treat each physical link as a separate logical link. For fault tolerance, one link can take the place of another; whereas for load balancing, you use software methods to determine which link is used by each VM for each session.
As an alternative, what if you could combine the bandwidth of several physical links into one logical link for the purposes of providing additional throughput and fault tolerance? The difference is that even if one of the physical links has an issue, the logical link still stays up, albeit with a little less throughput than before. Of course, if you are going to make this work, you have to configure it on both vSphere and on the connecting switches.
With vSphere 5.5 and later, you can set up link aggregation groups (LAGs) that connect to switches that support dynamic link aggregation. vSphere 5.1 allowed only one LAG per vDS, but vSphere 5.5 and later allow up to 64 LAGs per vDS, with up to 24 physical ports on each LAG. This gives you a tremendous flexibility, especially if you already have physical switches that support dynamic link aggregation.
To configure LACP on uplink port groups, you should follow the steps outlined in Activity 5-15.
Activity 5-15 Configuring LACP on Uplink Port Groups
1. Log on to your vCenter Server through your vSphere Web Client.
2. Click Home and then Networking.
3. Click the vDS that you want to configure and click Manage and then Settings.
4. Click LACP and then click the New Link Aggregation Group +, as shown in Figure 5-44.
5. Give your new LAG a name and set the number of ports, mode, and load balancing mode based on the capabilities and settings of the physical switches to which it is connecting, as shown in Figure 5-45. Click OK.
6. Right-click the dvPort group to which you will assign the LAG, click Edit Settings, and then click Teaming and Failover, as shown in Figure 5-46.
7. Move the new LAG into the Standby Uplinks section under Failover Order, as shown in Figure 5-47, and click OK. Move any other Standby links to Unused. (You can ignore the warning because this is intermediate configuration and you know exactly what you are doing!)
8. Right-click the vDS in the left pane (Navigator), and then Add and Manage Hosts, as shown in Figure 5-48.
9. Click Manage Host Networking, and then click Next, as shown in Figure 5-49.
10. Click Attach Hosts, and then attach the hosts that you want to include, as shown in Figure 5-50.
11. Click Manage Physical Adapters and clear the other options, as shown in Figure 5-51.
12. Assign the uplinks that you chose to the new LAG ports for each host, as shown in Figure 5-52. Click Next.
13. Review the Analyze impact screen to make sure that you are not affecting VM status, as shown in Figure 5-53. Click Next. Click Finish.
14. Right-click the dvPort group to which you will assign the new LAG, and then select Edit Settings and then Teaming and Failover.
15. Move the LAG into Active Uplinks and then move any other uplinks to Unused, as shown in Figure 5-54. Click OK to save all settings and close the window.
16. The dvPort group (in this case, dvProduction) will now use the LAG for its connection, as shown in Figure 5-55.
Determining Use Cases for a vSphere Distributed Switch
As I mentioned earlier, if you decide that you are going to use a vDS in your vSphere, you typically need to obtain an Enterprise Plus license. Of course, the Enterprise Plus license gives you many other features in addition to those that relate to networking, but this section focuses on networking features and ways that they might benefit a medium-sized to large-sized organization.
As outlined previously in Table 5-2, many features are available only on vDSs. They include features such as inbound traffic shaping, private VLANs, more granular port control for blocking, mirroring, LACP, and so on. These features can benefit your organization by giving you greater flexibility, tighter control, and enhanced security in your network. How you use them will likely vary based on what you are currently using in the physical world.
One of the nice things about this decision is that it does not have to be an “all or nothing” one. In other words, you can continue to use vSSs and begin to incorporate vDSs. You can leave your VMkernel ports or even service console ports (on ESX hosts) on the vSSs and use only VM port groups on the vDSs if you so desire. It’s up to you to decide what will be best for your virtual networking now and into the future and how to best use the features that VMware provides. The flexibility is there, and it’s your decision as to its implementation in your virtual network and its connection to your physical network.
Summary
This chapter covered the following main topics:
Identifying the capabilities of vSSs and the creation, configuration, editing, and removal of vSSs and the port groups they contain.
The creation, configuration, management, and removal of vDSs and the port groups that they contain, including comparing and contrasting their features with those of vSSs.
The configuration of LACP and the process of creating LAGs and assigning them to uplinks.
Exam Preparation Tasks
Review All the Key Topics
Review the most important topics from the chapter, noted with the Key Topic icon in the outer margin of the page. Table 5-3 lists these key topics and the page numbers where each is found.
Review Questions
The answers to these review questions are in Appendix A.
1. Which of the following is not a valid use for a VMkernel port?
a. IP storage
b. vMotion
c. FT logging
d. VM Port Group
2. What is the maximum number of hosts that you can connect to a vSphere 6.0 vDS?
a. 500
b. 10
c. 1,000
d. 32
3. Which of the following is configurable on a vDS but not on a vSS?
a. Private VLANs
b. NIC teaming
c. Outbound traffic shaping
d. 802.1Q tagging
4. Which of the following is a capability of a vDS but not of a vSS?
a. Outbound traffic shaping
b. Network Migration of Policies
c. VLAN segmentation
d. NIC teaming
5. What is the maximum number for LAGs that you can have on a vSphere 6.0 vDS?
a. 1,000
b. 50
c. 64
d. 10,000
6. Which discovery protocol is configurable on a vDS, but not on a vSS?
a. CDP
b. SNMP
c. LLDP
d. SMTP
7. Which of the following is not a part of the configuration of a VMkernel port?
a. IP address
b. Subnet mask
c. Default gateway
d. MAC address
8. Which of the following are not possible with a vSS but are possible with a vSphere 6.0 vDS?
a. Per-port policy settings
b. vMotion
c. User-defined network I/O Control
d. Load balancing
9. Which of the following tools allows you to migrate multiple VMs from a vSS onto a vDS?
a. vMotion
b. The Migrate Virtual Machine Wizard
c. Storage vMotion
d. DRS
10. Which tool should you use to remove a vmnic from a vDS?
a. The Manage the Physical Network Adapters Connected to the Selected Switch link
b. The Teaming and Failover tool
c. The Add and Remove Host Networking tool
d. The Manage Networks tab