Abstract
There are two types of virtual switches available using vSphere, the vSphere Standard Switch and the vSphere Distributed Switch. The vSphere Standard Switch (vSwitch or vSS) resides in and is manually configured and administered on each ESXi host. The vSphere Distributed Switch (dvSwitch or vDS) provides similar functionality but is centralized to vCenter Server and offers more features. This white paper will cover the vDS architecture as well as an overview of many of the different features that are exclusive to the vSphere Distributed Switch.
Sample
There are two types of virtual switches available using vSphere, the vSphere Standard Switch and the vSphere Distributed Switch. The vSphere Standard Switch (vSwitch or vSS) resides in and is manually configured and administered on each ESXi host. The vSphere Distributed Switch (dvSwitch or vDS) provides similar functionality but is centralized to vCenter Server and offers more features. Additionally, the vSphere Distributed Switch requires the use of vSphere Enterprise Plus licensing.
Both virtual switch types support the following features:
- Forwarding of L2 frames
- LAN segmentation
- 802.1q encapsulation support
- NIC Teaming (support for more than one uplink)
- Outbound (Tx) traffic shaping
- Cisco Discovery Protocol (CDP) support
In addition, the vSphere Distributed Switch supports the following features:
- Datacenter level management
- Network I/O Control
- Traffic filtering and marking
- Inbound (Rx) traffic shaping
- Configuration backup and restore
- Private VLANs
- Link aggregation control support
- Port state monitoring
- NetFlow
- Port mirroring
This white paper will cover the vDS architecture as well as an overview of many of the different features that are exclusive to the vSphere Distributed Switch.
Architecture
A vSphere Distributed Switch is an aggregation of per-host virtual switches that are presented and controlled as a single distributed switch at the datacenter level through vCenter Server.
The vSphere Distributed Switch provides centralized management and monitoring of the ESXi host networking components that are associated with the dvSwitch. Because the dvSwitch is created and configured at the vCenter Server level and then propagated to the ESXi hosts, this design establishes a consistent switch configuration across the ESXi hosts in a virtual datacenter.
A vSphere Distributed Switch is made up of two architectural components, the control plane and the I/O plane:
- The control plane exists at the vCenter Server level and is ultimately responsible for configuring and managing the dvSwitch, distributed port groups, uplinks, NIC teaming, PVLANs, and so on.
- The I/O plane is a hidden virtual switch that exists on each ESXi host that manages the I/O hardware on the ESXi host and is responsible for forwarding frames to the correct uplink(s). Therefore, in the event that vCenter Server is unavailable, communications will persist.
When a virtual machine is connected to a port on a distributed switch, a folder named .dvsData is created on the datastore on which the virtual machine resides. The .dvsData folder is not created if no virtual machines on that datastore are attached to a distributed switch, so it does not exist when the virtual machines are connected only to standard switches. The folder contains at least one subfolder whose name matches the universally unique identifier (UUID) of a distributed switch. That subfolder may hold one or more files, each corresponding to the ID of a port to which a VM is connected. Each file contains the port state and policy information.
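The folder layout described above can be inventoried with a short POSIX shell script; this is an added example, not part of the white paper. It assumes the layout `<datastore>/.dvsData/<switch UUID>/<port ID>`, that the datastore root on an ESXi host is `/vmfs/volumes`, and that friendly datastore names appear there as symlinks; the sample tree and every name in it are constructed.

```shell
#!/bin/sh
# Added example (not from the white paper): inventory of .dvsData port files.
# Layout taken from the text: <datastore>/.dvsData/<switch UUID>/<port ID>

# list_dvs_ports ROOT -> one line per port file:
#   <datastore dir><TAB><switch UUID><TAB><port ID>
# Tabs are used because folder names may contain spaces.
list_dvs_ports() {
    root=$1
    for ds in "$root"/*; do
        [ -L "$ds" ] && continue        # assumed: symlink = alias of a volume
        dvs="$ds/.dvsData"
        [ -d "$dvs" ] || continue       # no VM here is attached to a vDS
        for sw in "$dvs"/*; do
            [ -d "$sw" ] || continue
            for port in "$sw"/*; do
                [ -f "$port" ] || continue
                printf '%s\t%s\t%s\n' "${ds##*/}" "${sw##*/}" "${port##*/}"
            done
        done
    done
}

# ports_per_switch ROOT -> "<count> <switch UUID>" per distributed switch
ports_per_switch() {
    list_dvs_ports "$1" | cut -f2 | sort | uniq -c | sed 's/^ *//'
}

# make_sample_tree -> prints the path of a constructed tree (names invented)
make_sample_tree() {
    t=$(mktemp -d)
    mkdir -p "$t/vol-a/.dvsData/aa bb cc-01" "$t/vol-a/.dvsData/dd ee ff-02"
    mkdir -p "$t/vol-b/vm1"             # VMs on standard switches only
    : > "$t/vol-a/.dvsData/aa bb cc-01/10"
    : > "$t/vol-a/.dvsData/aa bb cc-01/11"
    : > "$t/vol-a/.dvsData/dd ee ff-02/7"
    ln -s "$t/vol-a" "$t/datastore1"    # friendly-name alias of vol-a
    printf '%s\n' "$t"
}

if [ "${1:-}" = "--demo" ]; then
    tree=$(make_sample_tree)
    list_dvs_ports "$tree"
    ports_per_switch "$tree"
    rm -rf "$tree"
fi
```

Run with `--demo` to see the output for the constructed tree. A datastore that produces no lines has no VMs attached to a distributed switch.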
Each distributed switch may have one or more distributed port groups assigned to it. A distributed port group associates multiple ports under a common configuration, defining how a connection is made to the network. A port can connect any networking entity, such as a virtual machine or a VMkernel interface.
Features
This section will provide an overview of several features that are unique to the vSphere Distributed Switch.
Network I/O Control
Network I/O Control (NIOC) is a traffic management capability that uses network resource pools to determine bandwidth allocation based on I/O shares and limits. Network I/O Control was released with vSphere 4.1 and is important in environments where 10 GigE cards are prevalent. It helps different traffic types share bandwidth across the same physical NIC(s).
When the NIOC feature is enabled, the dvSwitch traffic is divided into the following system-defined network resource pools: management traffic, iSCSI traffic, NFS traffic, vMotion traffic, VSAN traffic, Fault Tolerance traffic, vSphere Replication traffic, and virtual machine traffic. You can also create custom (user-defined) network resource pools should the system-defined pools not fit your exact needs. vSphere 6 introduces the ability to guarantee bandwidth not only at the distributed port group level but also to a vNIC at a virtual machine level.