One of the items that becomes apparent when using VMware is that you need to have a strong understanding of routing and switching.
This blog post is a bit self-indulgent: as I’m preparing for the VCP 5 exam, I thought it would be good for me to put together a few posts on the architecture of the switches.
All of the switches within ESXi are software based and operate within the VMkernel. They are called virtual switches (vSwitches) and are Layer 2 devices, which are capable of trunking and passing VLAN traffic. A common myth is that vSwitches can trunk ports together using 802.1q. vSwitches do not use Spanning Tree Protocol as one vSwitch cannot be connected to another vSwitch.
Standard Switch (vSwitch)
These are created when we first install ESXi onto our server hardware. By default this is called vSwitch0 and contains 120 visible ports (it actually holds 128 ports; 8 are reserved by the VMkernel), the first virtual machine ‘port group’ called VMNetwork, and a Management Network which is used by the VMkernel.
Distributed Switch (dvSwitch)
These are standard switches which are logically grouped across all ESXi hosts that share a common distributed switch configuration. These are only available with Enterprise Plus licenses.
Port Groups
These reside within a vSwitch. Port groups contain two different configurations:
– VMkernel Ports allow vMotion, Fault Tolerant Logging, iSCSI NAS, NFS traffic between ESXi hosts as well as allowing management of the ESXi host it resides on.
– VM Ports allow virtual machines to access other virtual machines or network based resources.
The key thing to remember is that Port Groups must be named exactly the same across all ESXi hosts to allow traffic to flow.
Note, it is possible to have a vSwitch without any Port Groups, however this would be like having a physical switch without any physical ports!
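The exact-name requirement above can be checked mechanically. The following is an added example, not part of the original post: it audits a constructed inventory (host names, port group names and VLAN IDs are made up) for port group names that differ only by case or whitespace and for port groups missing on some hosts. It goes one step beyond the text by also flagging VLAN ID differences for the same port group.

```python
from collections import defaultdict

# Constructed sample inventory: host -> {port group name: VLAN ID}.
# Host names, port group names and VLAN IDs are made up for illustration.
INVENTORY = {
    "esxi01": {"vMotion-FT": 0, "VM-VLAN29": 29, "Management Network": 0},
    "esxi02": {"vMotion-FT": 0, "VM-vlan29": 29, "Management Network": 0},
    "esxi03": {"vMotion-FT": 0, "VM-VLAN29 ": 29, "Management Network": 0},
    "esxi04": {"vMotion-FT": 0, "VM-VLAN29": 92},
}


def audit_port_groups(inventory):
    """Return findings for port groups that do not match exactly on every host."""
    hosts = sorted(inventory)
    # Group exact names under a normalised key so near-misses land together.
    variants = defaultdict(lambda: defaultdict(list))
    for host in hosts:
        for name in inventory[host]:
            variants[name.strip().casefold()][name].append(host)

    findings = []
    for key in sorted(variants):
        spellings = variants[key]
        if len(spellings) > 1:
            # Same intended name, different exact strings: because the names
            # must match exactly, these count as different port groups.
            findings.append(("name-mismatch", key, dict(sorted(spellings.items()))))
        present = {h for hs in spellings.values() for h in hs}
        missing = [h for h in hosts if h not in present]
        if missing:
            findings.append(("missing", key, missing))
        # Added check (not from the post): same port group, different VLAN ID.
        vlans = defaultdict(list)
        for name, hs in spellings.items():
            for h in hs:
                vlans[inventory[h][name]].append(h)
        if len(vlans) > 1:
            by_vlan = {v: sorted(hs) for v, hs in sorted(vlans.items())}
            findings.append(("vlan-mismatch", key, by_vlan))
    return findings


if __name__ == "__main__":
    for kind, key, detail in audit_port_groups(INVENTORY):
        print(f"{kind:14} {key!r}: {detail}")
```

In practice the inventory dictionary would be filled from an export of each host's port group list rather than typed by hand.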
Uplinks (pNIC)
An uplink is the physical network adapter that the vSwitch is connected to. Without this the virtual machines that reside on the vSwitch would be isolated and unable to communicate with the rest of the network.
In the picture below we have a Standard Switch called vSwitch1 whose physical uplink (pNIC) is vmnic4. It contains two different port groups, one for vMotion and Fault Tolerant Logging and the other for VMs on VLAN29.
Even though we have two different port groups, it is important to remember that each port group is a boundary for communications, broadcasts and security policies.