• No results found

VSICM6 M05 Networking

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "VSICM6 M05 Networking"

Copied!
50
0
0

Loading.... (view fulltext now)

Download now ( 50 Page )

Full text

(1)

Configuring and Managing

Configuring and Managing

Virtual Networks

Virtual Networks

Module 5 Module 5

(2)

 Y

 Y

ou

ou

Are Here

Are Here

1.

1. Course IntroductionCourse Introduction

2.

2. Software-Defined Data Center Software-Defined Data Center 

3.

3. Creating Virtual MachinesCreating Virtual Machines

4.

4. vCenter Server vCenter Server 

5.

5. Configuring and ManagingConfiguring and Managing Virtual Networks

Virtual Networks

6.

6. Configuring and ManagingConfiguring and Managing

Virtual Storage

Virtual Storage

7.

7. Virtual Machine ManagementVirtual Machine Management

8.

8. Resource Management andResource Management and

Monitoring

Monitoring

9.

9. vSphere HA and vSphere FaultvSphere HA and vSphere Fault

Tolerance

Tolerance

10.

10. Host ScalabilityHost Scalability

11.

11. vSphere Update Manager andvSphere Update Manager and Host Maintenance

Host Maintenance

12.

(3)

 Y

 Y

ou

ou

Are Here

Are Here

1.

1. Course IntroductionCourse Introduction

2.

2. Software-Defined Data Center Software-Defined Data Center 

3.

3. Creating Virtual MachinesCreating Virtual Machines

4.

4. vCenter Server vCenter Server 

5.

5. Configuring and ManagingConfiguring and Managing Virtual Networks

Virtual Networks

6.

6. Configuring and ManagingConfiguring and Managing

Virtual Storage

Virtual Storage

7.

7. Virtual Machine ManagementVirtual Machine Management

8.

8. Resource Management andResource Management and

Monitoring

Monitoring

9.

9. vSphere HA and vSphere FaultvSphere HA and vSphere Fault

Tolerance

Tolerance

10.

10. Host ScalabilityHost Scalability

11.

11. vSphere Update Manager andvSphere Update Manager and Host Maintenance

Host Maintenance

12.

(4)

Importance

Importance

VMware ESXi™ networking features enable: VMware ESXi™ networking features enable:

•• Virtual machines to communicate with other virtual and physical machinesVirtual machines to communicate with other virtual and physical machines

•• Management of the ESXi hostManagement of the ESXi host

•• VMkernel communication on the networkVMkernel communication on the network

Failure to properly configure ESXi networking can negatively affect virtual Failure to properly configure ESXi networking can negatively affect virtual machine management and storage operations.

(5)

Module Lessons

Module Lessons

L

Leessssoon n 11:: IInnttrroodduuccttiioon n tto o vvSSpphheerre e SSttaannddaarrd d SSwwiittcchheess L

Leessssoon n 22:: CCoonnffiigguurriinng g SSttaannddaarrd d SSwwiittcch h PPoolliicciieess L

(6)

Lesson 1:

Lesson 1:

Introduction to vSphere Standard

Introduction to vSphere Standard

Switches

(7)

Learner Objectives

By the end of this lesson, you should be able to meet the following objectives:

• Describe the virtual switch connection types

(8)

Types of Virtual Switch Connections

 A virtual switch has specific connection types:

• Virtual machine port groups

• VMkernel port:

 – For IP storage, VMware vSphere® High Availability, VMware vSphere® vMotion® migration, VMware vSphere® Fault Tolerance, VMware Virtual SAN™, and VMware vSphere® Replication™

 – For the ESXi management network

Virtual Switch

Production TestDev DMZ vSphere

vMotion

Management

Uplink Ports

(9)

Virtual Switch Connection Examples

More than one network can coexist on the same virtual switch. Or networks can exist on separate virtual switches.

Virtual Switch

Production TestDev iSCSI

vSphere vMotion Management

Virtual Switch Virtual Switch Virtual Switch Virtual Switch Virtual Switch

Production TestDev iSCSI

vSphere vMotion Management

(10)

Types of Virtual Switches

 A virtual network supports these types of virtual switches:

• Standard switches:

 – Virtual switch configuration for a single host • Distributed switches:

 – Virtual switches that provide a consistent network configuration for virtual machines as they migrate across multiple hosts

(11)

Standard Switch Components

 A standard switch provides connections for virtual machines to

communicate with one another, whether they are on the same host or a different host. VM 1 VM 2 VM 3 VMkernel Test VLAN 101 Production VLAN 102 IP Storage VLAN 103 Management VLAN 104 Management Network IP storage

(12)

Viewing the Standard Switch Configuration

You can view a host’s standard switch configuration by clicking Networking on the Manage tab.

Delete the port group.

Display Cisco Discovery Protocol information. Display port group

(13)

About VLANs

ESXi supports 802.1Q VLAN tagging. Virtual switch tagging is one of the tagging policies supported:

• Packets from a virtual machine are tagged as they exit the virtual switch.

• Packets are untagged as they return to the virtual machine.

• Effect on performance is minimal.

ESXi provides VLAN support by giving a port group a VLAN ID.

Virtual Switch VM VLAN 105 VLAN 106 VM VMkernel Physical Switch Physical NIC Trunk Port

(14)

Network Adapter Properties

 A physical adapter can become a bottleneck for network traffic if the adapter speed does not match application requirements.

(15)

Review of Learner Objectives

You should be able to meet the following objectives:

• Describe the virtual switch connection types

(16)

Lesson 2:

Configuring Standard Switch

Policies

(17)

Learner Objectives

By the end of this lesson, you should be able to meet the following objectives:

• Describe the security of a standard switch port group

• Describe the traffic shaping of a standard switch port group

(18)

Network Switch and Port Policies

Policies set at the standard switch level apply to all of the port groups on the standard switch. The exceptions are the configuration options that are overridden at the standard port group.

 Available network policies:

• Security

• Traffic shaping

• NIC teaming and failover 

Policies are defined at these levels:

• Standard switch level:

 – Default policies for all the ports on the standard switch. • Port group level:

 – Effective policies: Policies defined at this level override the default policies set at the standard switch level.

(19)

Configuring Security Policy

 Administrators can define security policies at both the standard switch level and the port group level:

• Promiscuous mode: Allows a virtual switch or port group to present all traffic regardless of the destination.

• MAC address changes: Accept or reject inbound traffic when the MAC address has been altered by the guest.

• Forge transmits: Accept or reject outbound traffic when the MAC address has been altered by the guest.

(20)

Traffic-Shaping Policy

Network traffic shaping is a mechanism for limiting a virtual machine’s consumption of available network bandwidth.

 Average rate, peak rate, and burst size are configurable.

Peak Bandwidth Average    O  u    t    b  o   u   n    d    B  a   n    d  w    i    d    t    h Time

(21)

Configuring Traffic Shaping

 A traffic-shaping policy is defined by average bandwidth, peak

bandwidth, and burst size. You can establish a traffic-shaping policy for each port group and each distributed port or distributed port group:

• Traffic shaping is disabled by default.

• Parameters apply to each virtual NIC in the standard switch.

(22)

NIC Teaming and Failover Policy

 Administrators can edit the NIC teaming and failover policy by configuring specific options.

(23)

Load-Balancing Method: Originating Virtual Port ID

The diagram shows routing based on the originating port ID, called virtual port ID load balancing.

Virtual NICs Physical NICs

Virtual Switch

Physical Switch

(24)

Load-Balancing Method: Source MAC Hash

The diagram shows routing based on source MAC hash.

Virtual NICs Physical NICs Virtual Switch Internet Physical Switch

(25)

Load-Balancing Method: Source and Destination IP Hash

The diagram shows routing based on IP hash.

Virtual NICs Physical NICs

Virtual Switch

Internet

Physical Switch

(26)

Detecting and Handling Network Failure

The VMkernel can use link status or beaconing or both to detect a network failure.

Network failure is detected by the VMkernel, which monitors the link state and performs beacon probing.

VMkernel notifies physical switches of changes in the physical location of a MAC address.

Failover is implemented by the VMkernel based on configurable parameters:

• Failback: How the physical adapter is returned to active duty after recovering from failure.

• Load-balancing option: Use explicit failover order. Always use the vmnic uplink at the top of the active adapter list.

(27)

Lab 7: Using Standard Switches

Create a standard switch and a port group

1. View the Standard Switch Configuration

2. Create a Standard Switch with a Virtual Machine Port Group

(28)

Review of Learner Objectives

You should be able to meet the following objectives:

• Describe the security of a standard switch port group

• Describe the traffic shaping of a standard switch port group

(29)

Lesson 3:

Introduction to vSphere

Distributed Switches

(30)

Learner Objectives

By the end of this lesson, you should be able to meet the following objectives:

• List the benefits of using vSphere distributed switches

• Describe the distributed switch architecture

• Create a distributed switch

• Manage the distributed switch

(31)

About vSphere Distributed Switches

 A vSphere distributed switch greatly extends vSphere networking features and centralizes vSphere management.

• VMware vCenter Server™ owns the configuration of the distributed switch. The configuration is consistent across all the hosts that use it.

•  A distributed switch enhances the use of physical Ethernet NICs with a speed of 10 Gbps or faster.

The behavior of distributed switches is consistent with standard switches:

(32)

Benefits of Distributed Switches

Benefits of distributed switches over standard switches:

• Simplify data center administration

• Provide support for advanced features, such as private VLANs, NetFlow, and port mirroring

• Enable networking statistics and policies to migrate with virtual machines during a migration with VMware vSphere® vMotion®

(33)

Feature Standard Switch Distributed Switch Layer 2 switch VLAN segmentation IPv6 support 802.1Q tagging NIC teaming

Outbound traffic shaping Inbound traffic shaping VM network port block Private VLANs

Load-based teaming

Data center-level management

vSphere vMotion migration over a network Per-port policy settings

Port state monitoring NetFlow

Port mirroring

(34)

Distributed Switch Architecture

vCenter Server  Host 1 Host 2 Virtual Physical Physical NICs (Uplinks) Distributed Ports and Port Groups

Distributed Switch (Control Plane) Uplink Port Groups Hidden Virtual Switches (I/O Plane)

Management Port Management Port

vSphere vMotion Port

vSphere vMotion Port

(35)

ESXi01 ESXi02 Virtual Physical Uplinks Distributed Switch VDS01 vmnic1

Distributed Switch Example

You create a distributed switch named VDS01. You create a port group named Production, which will be used for virtual machine networking. You assign uplinks vmnic1 on host ESXi01 and vmnic1 on host ESXi02 to the distributed switch.

vmnic0 vmnic2 vmnic0 vmnic1 vmnic2

Production

Uplink Port Group

(36)

Viewing a Distributed Switch

You can view a host’s distributed switch configuration by clicking the Manage tab and clicking the Networking link.

View distributed

switch settings. Distributed switch settings.

(37)

Creating a Distributed Switch

You can create a distributed switch on a data center to handle the

networking configuration of multiple hosts at the same time from a central place.

(38)

Editing General and Advanced Distributed Switch Properties

General settings for a distributed switch include the switch name and the number of uplinks.

Basic multicast filtering mode forwards multicast traffic for virtual machines according to the destination multicast group MAC address.

(39)

Migrating Network Adapters to a Distributed Switch

For hosts associated with a distributed switch, you can migrate network adapters from a standard switch to the distributed switch.

Migrate physical or virtual network adapters to this distributed switch.

(40)

Assigning a Physical NIC of a Host to a Distributed Switch

You can assign physical NICs of a host that is associated with a distributed switch to an uplink port on the host proxy switch.

Manage the physical network adapters

connected to the selected switch.

(41)

Connecting Virtual Machines to a Distributed Switch

You connect virtual machines to distributed switches by connecting their associated virtual network adapters to distributed port groups.

For a single virtual machine, modify the network adapter

configuration of the virtual machine.

For a group of virtual machines, migrate virtual machines from a

virtual network to a distributed switch.

(42)

Editing Distributed Port Group General Properties

You can edit general distributed port group settings, such as the

distributed port group name, the port settings, and the network resource pool.

(43)

Editing Distributed Port Group Advanced Properties

From the advanced settings of a distributed port group, you can

configure the per-port overriding of the policies that are set at the port group level.

(44)

About the VMkernel Networking Level

The VMkernel networking layer provides connectivity to hosts and

handles the standard system traffic of VMware vSphere® vMotion®, IP storage, VMware vSphere® Fault Tolerance, VMware Virtual SAN™, and others.

You can also create VMkernel adapters on the source and target

VMware vSphere® Replication™ hosts to isolate the replication data traffic.

TCP/IP stacks at the VMkernel level:

• Default TCP/IP stack

• vMotion TCP/IP stack

• Provisioning TCP/IP stack

(45)

Creating a VMkernel Adapter on a Host Associated with a Distributed Switch

You create a VMkernel adapter on a host that is associated with a distributed switch to provide network connectivity to the host and to handle the traffic for vSphere vMotion, IP storage, vSphere Fault Tolerance logging, Virtual SAN, and others.

Click Add host networking to start the Add Networking wizard.

Click VMkernel Network Adapter .

(46)

Virtual Machine Communication Problem Analysis (1)

Under certain conditions, the virtual machines on the same distributed port group but on different hosts cannot communicate with one another. Problems:

• Virtual machines residing on different hosts and on the same port group are unable to communicate.

• Pings from one virtual machine to another fail. You cannot migrate the virtual machines between the hosts by using vSphere vMotion.

Causes:

• No physical NICs on some of the hosts are assigned to active or standby uplinks in the teaming. The failover order of the distributed port group is not correctly configured.

• The physical NICs on the hosts assigned to the active or standby uplinks reside on different VLANs on the physical switch. The physical NICs on

different VLANs cannot see one another and thus cannot communicate with one another.

(47)

Virtual Machine Communication Problem Analysis (2)

Solutions:

• In the topology of the distributed switch, check which host does not have physical NICs assigned to an active or standby uplink on the distributed port group. Assign at least one physical NIC on that host to an active uplink on the port group.

• In the topology of the distributed switch, check the VLAN IDs of the physical NICs assigned to the active uplinks on the distributed port group. On all hosts, assign physical NICs from the same VLAN to an active uplink on the

(48)

Physical Network Considerations

Your virtual networking environment relies on the physical network infrastructure. As a vSphere administrator, you should discuss your vSphere networking needs with your network administration team. The following issues are topics for discussion:

• Number of physical switches

• Network bandwidth required

• Physical switch configuration support for 802.3ad, for NIC teaming

• Physical switch configuration support for 802.1Q, for VLAN tagging

• Physical switch configuration support for Link Aggregation Control Protocol (LACP)

• Network port security

• Link Layer Discovery Protocol (LLDP) and Cisco Discovery Protocol (CDP) share the following operation modes:

(49)

Lab 8: Using vSphere Distributed Switches

Create and configure a distributed switch

1. Create a Distributed Switch

2.  Add the ESXi Hosts to the New Distributed Switch

3. Examine Your Distributed Switch Configuration

4. Migrate the Virtual Machines to a Distributed Switch Port Group

(50)

Review of Learner Objectives

You should be able to meet the following objectives:

• List the benefits of using vSphere distributed switches

• Describe the distributed switch architecture

• Create a distributed switch

• Manage the distributed switch

References

Download now ( PDF - 50 Page - 1.27 MB )

Related documents

Mineralogy of soils of major geomorphic units of north-eastern Haryana, India

The general site characteristics of the soils developed on four major geomorphic units of north-eastern Har- yana viz., Shiwalik hills, piedmont plains, flood plains and

G3MS. An uncomplicated carbon management solution Australian edition

Supported by real engineers More than just software, the G3MS service includes support from Carbon Planet’s team of PhD engineers Detailed reporting By thoroughly understanding

ADVICE FOR PATIENTS ON HEART MEDICATIONS

The drugs used in the treatment of high blood pressure will have the added benefit of reducing symptoms of angina and controlling your heart beat.. These drugs work by opening up

Parallelized rotation and flipping INvariant Kohonen maps (PINK) on GPUs

The training algorithm consists of three parts: The generation of the rotated and flipped images, the calculation of the Euclidean distance between every rotated image and neurons,

XQuery and the E-xml Component suite

In this section, we describe the e-XML Mediator, which provides a uniform view of multiple heterogeneous data sources and query access with the XQuery language.. To accomplish

Inside and Out: Intrapersonal and Interpersonal Emotion Regulation in Young-Adult Friendships

Modeling the interpersonal regulatory domains measured by the IERQ (Hofmann et al., 2016), and recognizing the importance of measuring both intrinsic and extrinsic regulation

Shayambhar : center for underprivileged childern

Oxford dictionary states that being underprivileged is not enjoying the same standard of living or rights as the majority of people in a society: needy and underprivileged

Love-Politics: Lesbian Wedding Practices in Canada and the United States from the 1920s to the 1970s

14 When black, Latina, and white women like Sandy and June organized wedding ceremonies, they “imagine[d] a world ordered by love, by a radical embrace of difference.”