ESXi Networking Part 2

Posted on by Craig

VMkernel Ports

I mentioned in ESXi Networking Part 1 that the VMkernel network carries traffic for:

– vMotion
– iSCSI
– NFS
– Fault Tolerance Logging

VMkernel ports require an IP address, you can have more than one VMkernel network if you feel this level of redundancy is appropriate in your network.  Or you could have one VMkernel network for Management Traffic, Fault Tolerance Logging and vMotion (however I would recommend against this).

VM Ports

Virtual Machine port groups are quite different to VMKernel Ports as they do not require an IP address or an uplink (physical NIC) to work.  They work in exactly the same was an unmanaged physical switch, you plug it in and off you go!

VLAN

Using VLAN’s within ESXi generally is a must unless you have an abundance of physical NIC’s (the limit is 32 per ESXi Host).  VLAN’s provide secure traffic segmentation and reduce broadcast traffic across networks.

We can have multiple Port Groups per uplink if required.  When configuring VLAN’s these can be performed in one of three ways:

– VM Port Group, when adding a new port group you can specify the VLAN ID in the properties of the port group (most common).

– Physical Switch, you can ‘untag’ the uplink that the VM Port Group resides on which forces it into the VLAN ID specified on the physical switch (common).

– Virtual Guest Tagging, this is when the virtual machine is responsible for VLAN tagging.  From an ESXi perspective you need to use VLAN ID 4095 (uncommon).

The uplink that is connected to the physical switch must be configured as a ‘trunk port’ to enable the switch port to carry traffic from multiple VLAN’s at the same time.

Below is an example Standard vSwitch0, from my home LAB, this has one uplink and has three different VLAN’s in play.

VLAN  1 which is the default VLAN and is used by the VMKernel for Management Network purposes and also my Server2012 RC.

VLAN 2 holds my nested ESXi Hosts and vCentre Virtual Appliance.

VLAN 3 holds my iSCSI Storage Area Networks.

NIC Teaming

NIC teaming is used to connect multiple uplinks to a single vSwitch commonly for redundancy and load balancing purposes.

I have seen many NIC teams created with no thought for redundancy on the network card.

Incorrect NIC Teaming

In this configuration we have no resilience for network card failure.

Correct NIC Teaming

In this configuration we have resilience for network card failure.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s