Define traffic rules in a distributed port group or uplink port group to introduce a policy for processing traffic related to virtual machines or to physical adapters. You can filter specific traffic or describe its QoS demands.
NOTE You can override the rules of the policy for traffic filtering and marking at port level. See “Working
with Network Traffic Rules on a Distributed Port or Uplink Port,” on page 120. n View Traffic Rules on a Distributed Port Group or Uplink Group on page 114
View the traffic rules that form the traffic filtering and marking policy of a distributed port group or uplink port group.
n Edit a Traffic Rule on a Distributed Port Group or Uplink Port Group on page 115
Create or edit traffic rules, and use their parameters to configure a policy for filtering or marking the traffic on a distributed port group or uplink port group.
n Change Rule Priorities on a Distributed Port Group or Uplink Port Group on page 115
Reorder the rules that form the traffic filtering and marking policy of a distributed port group or uplink port group to change the sequence of actions for processing traffic.
n Delete a Traffic Rule on a Distributed Port Group or Uplink Port Group on page 115
Delete a traffic rule on a distributed port group or uplink port group to stop processing packets flowing to virtual machines or physical adapters in a specific way.
View Traffic Rules on a Distributed Port Group or Uplink Group
View the traffic rules that form the traffic filtering and marking policy of a distributed port group or uplink port group.
Procedure
1 Locate a distributed port group or an uplink port group in the vSphere Web Client. a Select a distributed switch and click the Related Objects tab.
b Click Distributed Port Groups to see the list of distributed port groups, or click Uplink Port
Groups to see the list of uplink port groups.
2 Right-click the port group and select Edit settings. 3 Select Traffic filtering and marking.
4 If traffic filtering and marking is disabled, enable it from the Status drop-down menu.
5 Examine Action to see if the rule filters traffic (Allow or Deny) or marks traffic (Tag) with special QoS demands.
6 From the upper list, select the rule for which you want to view the criteria for locating traffic. The traffic qualifying parameters of the rule appear in the Traffic Qualifiers list.
Edit a Traffic Rule on a Distributed Port Group or Uplink Port Group
Create or edit traffic rules, and use their parameters to configure a policy for filtering or marking the traffic on a distributed port group or uplink port group.
Procedure
1 Locate a distributed port group or an uplink port group in the vSphere Web Client. a Select a distributed switch and click the Related Objects tab.
b Click Distributed Port Groups to see the list of distributed port groups, or click Uplink Port
Groups to see the list of uplink port groups.
2 Right-click the port group and select Edit settings. 3 Select Traffic filtering and marking.
4 If traffic filtering and marking is disabled, enable it from the Status drop-down menu. 5 Click New to create a new rule, or select a rule and click Edit to edit it.
What to do next
Name the network traffic rule, and deny, allow, or tag the target traffic.
Change Rule Priorities on a Distributed Port Group or Uplink Port Group
Reorder the rules that form the traffic filtering and marking policy of a distributed port group or uplink port group to change the sequence of actions for processing traffic.
The vSphere distributed switch applies network traffic rules in a strict order. If a packet already satisfies a rule, the packet might not be passed to the next rule in the policy.
Procedure
1 Locate a distributed port group or an uplink port group in the vSphere Web Client. a Select a distributed switch and click the Related Objects tab.
b Click Distributed Port Groups to see the list of distributed port groups, or click Uplink Port
Groups to see the list of uplink port groups.
2 Right-click the port group and select Edit settings. 3 Select Traffic filtering and marking.
4 If traffic filtering and marking is disabled, enable it from the Status drop-down menu. 5 Select a rule and use the arrow buttons to change its priority.
6 Click OK to apply the changes.
Delete a Traffic Rule on a Distributed Port Group or Uplink Port Group
Delete a traffic rule on a distributed port group or uplink port group to stop processing packets flowing to virtual machines or physical adapters in a specific way.
Procedure
1 Locate a distributed port group or an uplink port group in the vSphere Web Client. a Select a distributed switch and click the Related Objects tab.
b Click Distributed Port Groups to see the list of distributed port groups, or click Uplink Port
Groups to see the list of uplink port groups.
2 Right-click the port group and select Edit settings.
3 Select Traffic filtering and marking.
4 If traffic filtering and marking is disabled, enable it from the Status drop-down menu. 5 Select the rule and click Delete.
6 Click OK.