Transcript Networking_From_Physical_to_Virtual

Networking
From Physical to Virtual
© 2009 VMware Inc. All rights reserved
100% Physical Environment
OS
Apps
VLAN 10
OS
Apps
Devices on
iSCSI/NFS
Network
Devices on
Management
Network
VLAN 15
Trunk
Physical Network
2
Confidential
Physical and Virtual Environment
OS
Apps
VLAN 10
OS
Apps
Devices on
iSCSI/NFS
Network
Devices on
Management
Network
VLAN 15
ESX1
Trunk
Physical Network
3
Confidential
Creating a Virtual Machine
OS
Apps
4
Confidential
# of Network Cards
5
Confidential
Selecting the VLAN/Network for the Virtual Machine
6
Confidential
Selecting the Network Card
7
Confidential
A Virtual Machine is a set of files
8
Confidential
MAC Address
9
Confidential
What does the OS see for NIC?
10
Confidential
What does the OS See?
11
Confidential
vNetwork Standard Switch
Confidential
© 2009 VMware Inc. All rights reserved
Physical and Virtual Environment
OS
Apps
VLAN 10
OS
Apps
Devices on
iSCSI/NFS
Network
Devices on
Management
Network
VLAN 15
ESX1
Trunk
Physical Network
13
Confidential
Base Networking Configuration
14
Confidential
Creating a Port Group for Virtual Machine
15
Confidential
Selecting the Physical Network Card(s)
16
Confidential
Setting the VLAN for 1st Port Group
17
Confidential
Adding Additional Port Groups
18
Confidential
VMkernel – Virtual Network Cards for ESX
19
Confidential
Types of Traffics for VMkernel
20
Confidential
VSS - Load Balancing
21
Confidential
VSS - Network Failover Detection
22
Confidential
VSS - Security
23
Confidential
VSS - Traffic Shaping
24
Confidential
VSS - Completed Networking
25
Confidential
Physical with 1 ESX Host
OS
Apps
VLAN 10
OS
Apps
Devices on
iSCSI/NFS
Network
Devices on
Management
Network
VLAN 15
ESX1
Trunk
Physical Network
26
Confidential
Physical with 2 ESX Hosts
OS
Apps
VLAN 10
OS
Apps
Devices on
iSCSI/NFS
Network
Devices on
Management
Network
VLAN 15
OS
Apps
VLAN 10
Devices on
iSCSI/NFS
Network
Devices on
Management
Network
VLAN 20
ESX2
ESX1
Trunk
Physical Network
27
OS
Apps
Confidential
VMotion
OS
Apps
VLAN 10
OS
Apps
Devices on
iSCSI/NFS
Network
Devices on
Management
Network
OS
Apps
VLAN 15
Devices on
Management
Network
VLAN 20
ESX2
ESX1
Trunk
Physical Network
28
Devices on
iSCSI/NFS
Network
Confidential
VMotion
OS
Apps
Devices on
iSCSI/NFS
Network
Devices on
Management
Network
VLAN 10
OS
Apps
VLAN 15
Devices on
iSCSI/NFS
Network
Devices on
Management
Network
VLAN 20
ESX2
ESX1
Trunk
Physical Network
29
OS
Apps
Confidential
vNetwork Distributed Switch
Confidential
© 2009 VMware Inc. All rights reserved
VMware Distributed Switch
OS
Apps
VLAN 10
OS
Apps
Devices on
iSCSI/NFS
Network
Devices on
Management
Network
VLAN 15
OS
Apps
VLAN 10
OS
Apps
Devices on
iSCSI/NFS
Network
Devices on
Management
Network
VLAN 20
UpLink1
UpLink2
UpLink3
ESX1
ESX2
Trunk
Physical Network
31
Confidential
VMware Distributed Switch
OS
Apps
VLAN 10
OS
Apps
Devices on
iSCSI/NFS
Network
Devices on
Management
Network
VLAN 15
OS
Apps
VLAN 10
OS
Apps
Devices on
iSCSI/NFS
Network
Devices on
Management
Network
VLAN 20
UpLink1
UpLink2
UpLink3
ESX1
ESX2
Trunk
Physical Network
32
Confidential
VMware Distributed Switches
33
Confidential
DVS – Base Configuration
34
Confidential
DVS – New Port Group
35
Confidential
DVS – Types of Port Groups
36
Confidential
DVS – Port Group Configuration
37
Confidential
DVS – Configured with 2 Port Groups
38
Confidential
DVS – Load Balancing
39
Confidential
DVS – Add Hosts
40
Confidential
Virtual NICs
41
Confidential
Networking – Final Configuration
42
Confidential
Cisco Nexus 1000v
Confidential
© 2009 VMware Inc. All rights reserved
Cisco Nexus 1000v
OS
Apps
VLAN 10
OS
Apps
Devices on
iSCSI/NFS
Network
Devices on
Management
Network
VLAN 15
OS
Apps
VLAN 10
OS
Apps
Devices on
iSCSI/NFS
Network
Devices on
Management
Network
VLAN 20
UpLink1
UpLink2
UpLink3
ESX1
ESX2
Trunk
Physical Network
44
Confidential
Networking – Installation VSM
45
Confidential
Networking – Installation VEM
46
Confidential
Configuration the VSM
47
Confidential
Networking
48
Confidential
Keep your process consistent
Network Administrator view
Server Administrator view
N1k-VSM# sh port-profile name Ubuntu-VM
port-profile Ubuntu-VM
description:
status: enabled
capability uplink: no
capability l3control: no
system vlans: none
port-group: Ubuntu-VM
max-ports: 32
inherit:
config attributes:
switchport mode access
switchport access vlan 95
no shutdown
assigned interfaces:
Vethernet2
Vethernet4
49
Confidential
Blade Chassis Configuration
Confidential
© 2009 VMware Inc. All rights reserved
Blade Chassis with 2 Blades using Standard Switch
OS
Apps
OS
Apps
VLAN 10
VLAN 15
Devices on
iSCSI/NFS
Network
Devices on
Management
Network
OS
Apps
VLAN 10
Devices on
iSCSI/NFS
Network
Devices on
Management
Network
VLAN 20
ESX2
ESX1
Blade Chassis
Physical Network
51
OS
Apps
Confidential
Blade Chassis with 2 Blades using Distributed Switch
OS
Apps
OS
Apps
VLAN 10
VLAN 15
Devices on
iSCSI/NFS
Network
Devices on
Management
Network
OS
Apps
VLAN 10
OS
Apps
Devices on
iSCSI/NFS
Network
Devices on
Management
Network
VLAN 20
UpLink1
UpLink2
UpLink3
ESX1
ESX2
Blade Chassis
Physical Network
52
Confidential
VMware Network IO Control
Confidential
© 2009 VMware Inc. All rights reserved
Network IO Control
OS
Apps
OS
Apps
VLAN 10
VLAN 15
Devices on
iSCSI/NFS
Network
Devices on
Management
Network
OS
Apps
VLAN 10
Devices on
iSCSI/NFS
Network
Devices on
Management
Network
VLAN 20
ESX2
ESX1
Blade Chassis
Physical Network
54
OS
Apps
Confidential
Switch Feature Comparison
Confidential
© 2009 VMware Inc. All rights reserved
Switch Feature Comparison – 1 of 3
ESX 3.5:
Standard
vSwitch
VMware 4u1:
vNetwork
Standard
Switch
VMware 4u1:
vNetwork
Distributed
Switch
Cisco Nexus
1000V 1.2
Layer 2 Forwarding
Yes
Yes
Yes
Yes
IEEE 802.1Q VLAN Tagging
Yes
Yes
Yes
Yes
Multicast Support (IGMP v2 and v3)
Yes
Yes
Yes
Yes
-
-
-
Yes
Yes
Yes
Yes
Yes
-
-
Yes
Yes
Virtual MAC Pinning
Yes
Yes
Yes
Yes
EtherChannel
Yes
Yes
Yes
Yes
Virtual Port Channels
-
-
-
Yes
Link Aggregation Control Protocol (LACP)
-
-
-
Yes
Virtual Switchport ID
Yes
Yes
Yes
Yes
Source MAC
Yes
Yes
Yes
Yes
Source and Destination IP
Yes
Yes
Yes
Yes
Source and Destination MAC
-
-
-
Yes
Source and Destination Port IP
-
-
-
Yes
Additional Hashing Options
-
-
-
Yes
Feature
Switching Features
IGMPv3 Snooping
VMware VMotion Support
Network VMware VMotion (Network Policy)
Upstream Switch Connectivity
Load Balancing Algorithms
56
Confidential
Switch Feature Comparison – 2 of 3
ESX 3.5:
Standard
vSwitch
VMware 4u1:
vNetwork
Standard
Switch
VMware 4u1:
vNetwork
Distributed
Switch
Cisco Nexus
1000V 1.2
Tx Rate Limiting (from virtual machine)
Yes
Yes
Yes
Yes
Rx Rate Limiting (from virtual machine)
-
-
Yes
Yes
iSCSI Multipathing
-
Yes
Yes
Yes
Quality-of-service (QoS) marking
Differentiated Services Code Point
(DSCP)
Type of Service
-
-
-
Yes
-
-
-
Yes
Class of Service
-
-
-
Yes
Port Security
Yes
Yes
Yes
Yes
VMware VMSafe compatible
Yes
Yes
Yes
Yes
Private VLANs (PVLANs)
-
-
Yes
Yes
Local PVLAN enforcement
-
-
-
Yes
Access Control Lists (ACL)
-
-
-
Yes
DHCP Snooping
-
-
-
Yes
IP Source Guard
-
-
-
Yes
Dynamic ARP Inspection
-
-
-
Yes
Virtual Service Domain
-
-
-
Yes
Feature
Traffic Management Features
Security Features
57
Confidential
Switch Feature Comparison – 3 of 3
ESX 3.5:
Standard
vSwitch
VMware 4u1:
vNetwork
Standard
Switch
VMware 4u1:
vNetwork
Distributed
Switch
Cisco Nexus
1000V 1.2
VMware vCenter Support
Yes
Yes
Yes
Yes
Third Party Accessible APIs
Yes
Yes
Yes
Yes
Network Policy Groups
Yes
Yes
Yes
Yes
VMware port mirroring (promiscuous)
Yes
Yes
Yes
-
Multi-Tier Policy Groups (inheritance)
-
-
-
Yes
SPAN
-
-
-
Yes
ERSPAN
-
-
-
Yes
Netflow v9
-
-
-
Yes
SNMP v3 Read/Write
-
-
-
Yes
Yes
Yes
Yes
Yes
Syslog
**
**
**
Yes
Packet Capture & Analysis
-
-
-
Yes
Radius/TACACS+
Configuration and management console
and interface
IPv6 for Management
-
-
VI Client
VI Client
-
Yes
VI Client to VMware
vCenter Server
Yes
Yes
VMware vCenter
and Cisco CLI
Yes
-
-
-
Yes
Feature
Management Features
CDP v1/v2
NX-OS XML API
58
Confidential
ICONS
Nexus 1000
Nexus 1KV
VSM
Workgroup
Switch
59
Confidential