VMware Networking: Configuring and troubleshooting a vNetwork

The term vNetwork refers to the technologies that VMware vSphere utilizes to integrate networking and input/output functions on an ESX/ESXi host. vSphere includes a number of features and enhancements to provide administrators thorough control over networking processes and make management of these processes simpler.

Implementing a vNetwork in ESX or ESXi is essential for enabling virtual machines to communicate with one another within a networking environment — but establishing a vNetwork on a host can be a difficult and complicated process if you don’t understand how virtual networking works in vSphere.

A virtual network is made up of virtual machines that run on a single, physical machine and transmit data to and from one another. In vSphere, a virtual switch is called a vSwitch. Virtual machines connect to the virtual ports that make up the vSwitch to create a vNetwork. The vSwitch then routes network traffic between the connected virtual machines. vSwitches can also use physical network adapters, or uplink adapters, to connect to a physical switch and associate the virtual network with a physical network.

In vSphere 4, VMware introduced an enhancement to vNetworks: the distributed virtual switch, or DvSwitch. A DvSwitch acts like a global switch, enabling administrators to associate a single switch with all ESX or ESXi hosts in a datacenter, rather than configure a vSwitch for each individual host.

vSphere separates vSwitches and DvSwitches into smaller groups called port groups. VMware uses port groups to connect virtual machines to a switch and define settings like traffic shaping, NIC teaming, load balancing, and other parameters.

Creating Standard Switches

In vSphere, vSwitches can be mapped to one network adapter or to multiple network adapters. vSwitches that have no associated network adapters can also be implemented as well.

A standard switch that has no associated adapters is called an internal vSwitch. Virtual machines connected to an internal vSwitch cannot communicate with other virtual machines outside of the host. These switches can be used to test virtual machines before mapping them to a production network. A vSwitch that is associated with two or more adapters is called a teamed vSwitch; these switches provide an added layer of protection to a network and are used for fault tolerance and load balancing.

A vSwitch starts out with 56 ports, by default, but can be configured to use up to 4,088 ports, and up to 20 network adapters can be associated with a host.

To create a standard switch in vSphere, follow the instructions below:

1. In vSphere, select the ESX or ESXi host. Click “Configuration.” Select “Networking” from the Hardware box. Click “Add Networking” to run the Add Network Wizard.

2. Select “Virtual Machine” and then click “Next.”

3. Select each network adapter to associate with the vSwitch. To create an internal vSwitch, make sure that all network adapters are deselected.

4. Create a unique name for the port group. Names are case-sensitive. (A couple things to keep mind when naming port groups: one, if the names aren’t consistent from host to host, problems will occur when migrating virtual machines or using VMotion; two, while it’s possible to rename a port group after-the-fact, virtual machines that were connected to that port group will disassociate with the switch. Therefore, to avoid potential complications, it’s best to keep track of port group names and follow a standardized naming convention.)

5. Click “Finish” to create a standard vNetwork.

Configuring vSwitches and Port Groups

After creating a vNetwork in vSphere, you can modify the vSwitch to add additional ports and change network parameters.

Add Port Groups

As I mentioned in “Creating Standard Switches,” vSwitches start out with 56 ports, but administrators can increase the port number up to 4,088. Increasing the number of ports per vSwitch is not recommended unless the operating environment requires it, as the ESX/ESXi host must be restarted after the change, and upping the port number requires additional overhead that will lead to wasted resources.

To increase the number of ports per switch:

1. Select the host and then click the Configuration tab. Click “Networking” from the Hardware box.

2. Select the Properties link. Click “vSwitch.” Click “Edit.”

3. Choose from the drop-down menu the number of ports to use with the standard switch. Click “OK.”

Set Network Policies

You can change the parameters of a vSwitch to apply global policies to the vNetwork. Port groups feature options similar to those available to switches and can be used to add greater flexibility to a virtual network, as the settings associated with the port group can act as exceptions to the global policies. You can access the network settings using the same method as described in the section above.

I’ll provide a brief overview of the options you’ll find on each tab:

Security

Promiscuous Mode: Enables a network adapter to retrieve and read all network traffic. Used for packet sniffing to troubleshoot and diagnose network issues.

MAC Address Changes: Allows the virtual MAC address associated with a virtual machine to be changed. Used to create cluster addresses for services like Network Load Balancing, used by Windows Server.

Forged Transmits: Enables a virtual machine to transmit network traffic even if the MAC address on the guest operating system doesn’t match the MAC address stored to the .vmx file (the file that holds the virtual machine’s configuration information).

Traffic Shaping

Traffic shaping is used to control bandwidth on a vNetwork. Traffic shaping focuses on outbound traffic sent from a virtual machine to the physical network; it doesn’t interfere with inbound traffic. The vast majority of administrators will never need to use this feature, particularly because traffic shaping in the vSphere environment is not dynamic and can hinder network performance.

NIC Teaming

NIC Teaming is used for fault tolerance; you can configure standby adapters to take over when the primary adapter fails.

Load Balancing: Configures how outgoing traffic is handled across multiple network adapters in a teamed vSwitch.

Network Failover Detection: Specifies how the host detects network failure.

Notify Switches: Tells the physical switches to route network traffic from virtual machines to different physical network adapters.

Failback: Specifies how the failed adapter should operate if it comes online again.

That’s it for configuring standard switches in vSphere. In part two, I’ll explain how to set up a vNetwork that runs on a distributed switch, and how to troubleshoot your vNetwork if problems occur.