VCAP-DCA Study Notes – 2.4 Administer vNetwork Distributed Switches
- Explain relationship between vDS and logical vSSes
Skills and Abilities
- Understand the use of command line tools to configure appropriate vDS settings on an ESX/ESXi host
- Determine use cases for and apply Port Binding settings
- Configure Live Port Moving
- Given a set of network requirements, identify the appropriate distributed switch technology to use
- Use command line tools to troubleshoot and identify configuration items from an existing vDS
Tools & learning resources
- Product Documentation
- ESX Configuration Guide
- ESXi Configuration Guide
- vSphere Command‐Line Interface Installation and Scripting Guide
- vSphere Client
- vSphere CLI
- TA2525 – vSphere Networking Deep Dive (VMworld 2009 – free access)
Relationship between vSS and vDS
Both standard (vSS) and distributed (vDS) switches can exist at the same time – indeed there’s good reason to use this ‘hybrid’ mode.
You can view the switch configuration on a host (both vSS and dvS) using esxcfg-vswitch -l. It won’t show the ‘hidden’ switches used under the hood by the vDS although you can read more about those in this useful article at RTFM or at Geeksilver’s blog.
Command line configuration of a vDS
The command line is pretty limited when it comes to vDS. Useful commands;
- esxcfg-vswitch -P vmnic0 -V 101 <dvSwitch> (link a physical NIC to a vDS)
- esxcfg-vswitch -Q vmnic0 -V 101 <dvSwitch> (unlink a physical NIC from a vDS)
- esxcfg-vswif -l | -d (list or delete a service console)
NOTE: net-dvs can be used for diagnostics although it’s an unsupported command. It’s located in /usr/lib/vmware/bin. Use of this command is covered in section 6.4 Troubleshooting Network connectivity.
NOTE: esxcfg-vswitch can ONLY be used to link and unlink physical adaptors from a vDS. Use this to fix faulty network configurations. If necessary create a vSS switch and move your physical uplinks across to get your host back on the network. See VMwareKB1008127 or this blogpost for details.
Identify configuration items from an existing vDS
You can use esxcfg-vswitch -l to show the dvPort assigned to a given pNIC and dvPortGroup.
See the Troubleshooting Network connectivity section for more details.
Port Binding settings
With standard vSwitches all port bindings are ‘ephemeral’, meaning the port is created when the VM’s powered on and deleted when the VM is powered off (or vMotioned to another host). With distributed switches there are now three types of port binding;
- Default binding method for a dvPortGroup
- Assigned to a VM when it’s added to the dvPortGroup
- Conceptually like a static IP address
- Port assignment persists to the VM across reboots, vMotions etc
- Used when you approach port limits (either on the particular dvPortGroup or on the vDS itself which has a maximum of 6000 dvPorts). If you have 10,000 VMs you only allocate a dvPort to powered on VMs
- Conceptually like DHCP for a pool of desktops
- dvPort assignment can change when VM is powered off. vCenter will attempt to use the same dvPort but no guarantee.
- LIMITATION: Not all VMs can be powered on at the same time if you have more than 6000.
- LIMITATION: vCenter must be available when powering on the VM, as it needs to assign a dvPort.
- Port binding does NOT persist.
- Number of VMs can exceed the number of ports on a given dvPortGroup (but are still bound by the total number of dvPorts on a vDS)
- Equivalent to standard vSwitch behaviour
- You can power on a VM using either vCenter or the VI client connected directly to a host.
Typically used in emergency or recovery situations. You could create an ephemeral portgroup to be used with a virtual vCenter for instance.
Configuring port bindings
- Port Binding are configured in vCenter
- Configured per dvPortGroup (can’t be overridden on an individual dvPort)
- Must be configured before assigning VMs to the dvPortGroup.
- No command line configuration is available.
Configure Live Port Moving
Despite being on the blueprint there is very little information about what this actually is. The ESX Configuration Guide has a token mention (on page 35) where it refers to ‘allowing live port migration’ as a property on a vDS but I couldn’t find the option (and I’m not the only one).
There is a post on the VMware communities site explaining a bit about it – let’s just hope it’s not tested!
Identify the appropriate distributed switch technology to use
This could mean knowing when to use the basic vDS or the Nexus 1000V – have a read of Comparing vSS, dvS and Nexus 1000V white paper. Alternatively it could mean knowing then the extra features available with a vDS (compared to a vSS) are needed;
- to simplify network maintenance in larger environment (less configuration)
- delegation to a network team (relevant to Nexus 1000V)
- when Enterprise+ licencing is available!
- when you need PVLANs (isolation of hosts within a single VLAN for example)
- when you need network vMotion – VMSafe, vShield product suite etc
Use command line tools to troubleshoot an existing vDS
See the troubleshooting section 6.3 for details.