- How to use VMware vSAN ReadyNode Configurator - Fri, Dec 17 2021
- VMware Tanzu Kubernetes Toolkit version 1.3 new features - Fri, Dec 10 2021
- Disaster recovery strategies for vCenter Server appliance VM - Fri, Nov 26 2021
Set networking policies on virtual switches to configure different properties of the virtual network, such as connectivity to virtual machines (VMs) and VMkernel services, VLAN tagging, security, and more.
You can use the NIC teaming policy to connect a virtual switch to multiple physical NICs on a host to increase the network bandwidth of the switch and to provide redundancy. Several physical NIC adapters in a NIC team can distribute the traffic between its members and provide passive failover in case of adapter failure or if the network is down.
You can set NIC teaming policies at the virtual switch or port group level for a VSS and at the port group or port level for a VDS.
VSS
Set the networking policies on the entire VSS or on the individual port groups. If you set the policies on the entire switch, the policies apply to all the port groups present in the switch. If you want to apply different policies to a specific port group, you need to apply the policy to that particular port group and check that Override Policies is set on the switch for each port group.
For example, you can configure which physical network adapters handle the network traffic for the VSS.
Connect to the vCenter Server via the vSphere client, select your host, and then select Configure > Networking > Virtual Switches.
Edit properties of vSphere Standard Switch
Then select vmnic7 and click the Up arrow to move this adapter to the Active adapters section.
Select the unused adapter and move it up to the Active adapters section
And now we have two active uplinks configured for this vSwitch.
Two active NICs as uplinks are now configured for the VSS
Click OK to validate the configuration.
If you want to apply a network policy to a port group, we can show you another example. Let's say that you have added two other physical NICs to your ESXi host, and you want to use those adapters only for vMotion traffic and experience faster vMotion.
Go back to the VSS and select vMotion > Edit settings > Teaming and Failover.
Configure multiple adapters for vMotion traffic
First, check the override checkbox. Leave the NICs that you plan to use for vMotion traffic, select the other two NICs, and click the Down arrow to move them to the unused section.
The override option simply allows you to override the global VSS network policy applied at the switch level above.
Select the other two uplinks and move them to the unused section
Click OK to validate the configuration. Your vMotion port group should now look like this. You have two NICs dedicated to vMotion and two NICs that are unused (they're used for other services already).
Click validate to save the configuration
If you want to check which NICs are used for each of the port groups, simply click the link in each port group, and you'll have a visual.
When we click the vMotion link on the port group in our example, we can see which NICs are used for vMotion traffic.
When you click the vMotion link you should see which NICs are used for vMotion traffic
VDS
If you're lucky and have an Enterprise Plus license, or if you're running VMware vSAN, you can configure networking policies on VDS.
In VDS, set networking policies on distributed port groups or uplink port groups. Policies apply to all ports in the group.
To have different policies for specific ports, you can override the policies set on the port group at a per-port level. This is useful when you want to set specific policies for individual VMs or physical network adapters.
Go to Networking and select your VDS. Then select Actions > Manage Distributed Port Groups.
Manage distributed port groups on VDS
A new assistant is displayed. Select Teaming and failover.
Select Teaming and failover
Click Next to select the port groups. In our example, we select all three port groups.
Select all three port groups
On the next page, select Uplink 3 and Uplink 4 and click the Move Down button to push them to the Unused uplinks section.
Select Uplink 3 and Uplink 4 and click the Move Down button
Then click OK to validate and save your settings.
Click validate to save your settings
You're done. You have just configured three different port groups simultaneously with a single networking policy. This is the power of distributed switches. You can apply your configuration to all the hosts that are attached to the VDS within your cluster. If you had used only VSS, you'd have to do this host-by-host.
If you're studying for the VMware VCP-DCV exam, be sure to read the networking section, where you can also find more information about VLAN policies, security policies, traffic shaping policies, and resource allocation policies.
You'll also need to learn about monitoring, traffic filtering, and port blocking policies. These are all the sections that might be tested on the exam; however, we do not have enough space in a single blog post to detail them all.
Subscribe to 4sysops newsletter!
vSphere 7 has improved the UIs of the VSS and the VDS by streamlining the steps and adding many visual assistants, so it is easier to navigate the networking sections and make changes to the configurations.
