VMware vSphere 7 and virtual networking is a large topic. In this post, we'll describe some bases and talk about VMkernel networking. This post is a part of a free Study Guide when preparing to pass the VMware VCP-DCV certification exam.
VMware just released a new certification exam (2V0-21. 23) which it's focusing on the installation, configuration, and management of VMware vSphere 8. You can become certified with a label of VCP-DCV 2023 certified.
Get the latest VCP-DCV 2023 overview PDF from VMware Education. Check the Official VMware VCP-DCV 2023 exam guide (blueprint) here. Check the VMware VCP-DCV 2023 page here.
NOTE: The exam based on vSphere 7.x will be retired the 31. Jan 2024
We have started working on a new Study Guide to pass VCP-DCV based on vSphere 8.x – VCP8-DCV Study Guide Page (Work-in-Progress)
However, you can still pass the exam based on vSphere 7.x right now. VCP7-DCV Study Guide – VCP-DCV based on vSphere 7.x
**************************************************
- The exam duration is 135 minutes
- The number of questions is 70
- The passing Score is 300
- Price = $250.00
**************************************************
I'm using a lab with VMware Workstation PRO software pre-installed. (You can use the FREE Player too, but it's kind of nice to have the Workstation, with more features…..).
So, let's get started. Few words and definitions which you'll hear quite often.
- Physical network – A network of physical machines that are connected so that they can send data to and receive data from each other. VMware ESXi runs on a physical machine.
- Virtual Network – virtual machines running on a physical machine that are connected logically to each other so that they can send data to and receive data from each other. The VMs are also connected to the physical world. The virtual network also provides services such as vmkernel services which are necessary to maintain management connections, vMotion, VSAN, iSCSI, Fault Tolerance (FT) etc.
A vSphere Standard Switch is very similar to a physical Ethernet switch. Virtual machine network adapters and physical NICs on the host use the logical ports on the switch as each adapter uses one port. Each logical port on the standard switch is a member of a single port group.
Terminology:
We assume that you know already the networking terminology and their meanings. Things such as TCP/IP, MAC address, IP address, Ether Channel, LACP, …
Let's describe some networking creation concepts, for vSphere standard switch (vSS).
- vSphere Standard Switch (vSS) – it's like a physical Ethernet switch where you have VMs connected and those can communicate with each other as the switch forward traffic to each of those VMs.
- Standard Port group – portgroup specifies port configuration options (VLAN, bandwidth limitation). A single standard switch has usually one or more portgroups.
- Uplink – Ethernet adapters, also referred to as uplink adapters, to join virtual networks with physical networks.
A VLAN ID, which restricts port group traffic to a logical Ethernet segment within the physical network, is optional. For port groups to receive the traffic that the same host sees, but from more than one VLAN, the VLAN ID must be set to virtual guest tagging (VGT) VLAN 4095.
To Create VSS
Open vSphere Web client > Hosts and clusters, select host > Configure > Networking > Virtual Switches > Add Networking
You'll need to select one of the 3 different options:
- VMkernel Network Adapter – Chose this one if you want to create a new VMkernel Adapter and associate some services (VSAN, FT, VMOTION)
- VM Port Group – Chose this one if you want to create a virtual machine port group
- Physical Network Adapter – Chose this one if you want to create and manage physical adapters on ESXi host
Continue the assistant to create your vSS and network.
VMkernel adapters are part of every host. The management network for example is essentially based on VMkernel networking, but this is not the only one. VMkernel network adapters have, or can have several functions:
Management Traffic – configuration and management communication for the host, vCenter Server, and HA traffic. When ESXi is first installed, a VMkernel adapter is created with management-selected checkbox.
vMotion Traffic – when you check this box, the VMkernel adapter is able to be used for vMotion. You can use mutiple physical NICs for faster migration. By default, vMotion traffic is not encrypted.
Provisioning traffic – Basically, this type of traffic is used for VM cold migrations, cloning, and snapshot migration.
IP Storage and discovery – This is an important role for VMkernel adapter, as this role allows you to connect to ISCSI and NFS storage. You can use several physical NICs and “bind” each to a single VMkernel to enable multipathing for additional throughput and redundancy. This role is not a checkbox you simply activate though.
Fault Tolerance traffic – One of the features you can enable, Fault Tolerance, allows you to create a second mirror copy of a VM. To keep both machines precisely the same requires a lot of
network traffic. This role must be enabled and is used for that traffic.
vSphere Replication traffic – As it sounds like, this role handles the replication traffic sent to a vSphere Replication server.
vSAN traffic – Mandatory to check if you configured vSAN. The resync of VSAN objects and retrieval needs a very high amount of network bandwidth, so it would be best to have this on as fast of a connection as you can. vSAN does support multiple VMkernels for vSAN but not on the same subnet.
Recap
The VMkernel port is a virtual adapter, which means it is a special device with which the vSphere host communicates with the outside world. Thus, any service at the second or third level is delivered to the vSphere host.
The VMkernel Networking Layer allows you to connect to the host. Also, it processes the system traffic of IP storage, vSphere vMotion, vSAN, Fault Tolerance, and others. As an example for vSphere replication: You can create many different VMkernel adapters use them on the source and target vSphere Replication hosts in order to isolate replication data traffic.
So, basically vSphere supports different TCP/IP stacks each of them isolated from each other.
- Default TCP/IP Stack – This default stack provides networking support for management traffic between vCenter Server and ESXi hosts, and other system services such as FT or iSCSI.
- vMotion TCP/IP stack – Use the vMotion TCP/IP to provide better isolation for the vMotion traffic. After you create a VMkernel adapter on the vMotion TCP/IP stack, you can use only this stack for vMotion on this host.
- Provisioning TCP/IP stack – Supports the traffic for virtual machine cold migration, cloning, and snapshot migration. You can use the provisioning TCP/IP to handle Network File Copy (NFC) traffic during long-distance vMotion
- Custom TCP/IP stacks – You can add custom TCP/IP stacks at the VMkernel level to handle the networking traffic of custom applications.
Find other chapters on the main page of the guide – VCP7-DCV Study Guide Page,
VMware Direct download/buy links:
- VMware vSphere 7.0 Essentials PLUS
- VMware vSphere 7.0 Essentials
- VMware vSphere 7.0 Enterprise PLUS
- vSphere Essentials Per Incident Support
- Upgrade to vSphere Enterprise Plus
- VMware Current Promotions
Find other chapters on the main page of the guide – VCP8-DCV Study Guide Page (NEW)
- Homelab v 8.0 (NEW)
- vSphere 8.0 Page (NEW)
- Veeam Bare Metal Recovery Without using USB Stick (TIP)
- ESXi 7.x to 8.x upgrade scenarios
- A really FREE VPN that doesn’t suck
- Patch your ESXi 7.x again
- VMware vCenter Server 7.03 U3g – Download and patch
- Upgrade VMware ESXi to 7.0 U3 via command line
- VMware vCenter Server 7.0 U3e released – another maintenance release fixing vSphere with Tanzu
- What is The Difference between VMware vSphere, ESXi and vCenter
- How to Configure VMware High Availability (HA) Cluster
Stay tuned through RSS, and social media channels (Twitter, FB, YouTube)
