VMware vSphere Distributed Switch

A vSphere distributed switch (VDS) is a virtual switch that provides centralized management and monitoring of the networking configuration of all hosts associated with the switch. A distributed switch is set up on a vCenter Server system, and its settings are propagated to all hosts associated with the switch.

A network switch in vSphere consists of two logical sections: the data plane and the management plane. The data plane implements the packet switching, filtering, tagging, and so on. The management plane is the control structure you use to configure the data plane functionality. A vSphere standard switch contains both data and management planes, and the standard switch is configured and maintained individually. A vSphere distributed switch separates the data plane and the management plane, as shown in Figure 7-22. The management functionality of the distributed switch resides on the vCenter Server system, which lets you administer the networking configuration of your environment on a data center level. The data plane remains locally on every host associated with the distributed switch. The data plane section of the distributed switch is called a host proxy switch. The networking configuration you create on vCenter Server (the management plane) is automatically pushed down to all host proxy switches (the data plane).

  

Figure 7-22 VMware vSphere Distributed Switch Architecture

Figure 7-22 illustrates the VMware vSphere distributed switch architecture.

The vSphere distributed switch introduces two abstractions, the uplink port group and the distributed port group, that create a consistent networking configuration for physical NICs, virtual machines, and VMkernel services.

An uplink port group or dvuplink port group is defined during the creation of the distributed switch and can have one or more uplinks. An uplink is a template you use to configure physical connections of hosts as well as failover and load-balancing policies. Physical NICs of hosts are mapped to uplinks on the distributed switch. At the host level, each physical NIC is connected to an uplink port with a particular ID. Once the policies such as failover and load balancing are configured over uplinks, the policies are automatically propagated to the host proxy switches, or the data plane. The automatic propagation of policies ensures consistent failover and load-balancing configuration for the physical NICs of all hosts associated with the distributed switch.

Distributed port groups provide network connectivity to virtual machines and accommodate VMkernel traffic. Each distributed port group is identified by using a network label, which must be unique to the current data center. Policies such as NIC teaming, failover, load balancing, VLAN, security, traffic shaping, and other policies are configured on the distributed port groups. The virtual ports connected to a distributed port group share the same properties configured for the distributed port group. As with uplink port groups, the configuration you set on distributed port groups on vCenter Server (the management plane) is automatically propagated to all hosts on the distributed switch through the host proxy switches (the data plane). A group of virtual machines associated to the same distributed port group share the same networking configuration.

A vSphere distributed switch supports all the features of a standard switch. In addition, the vSphere distributed switch supports the following features:

• Data-center-level management
• Network I/O control
• Traffic filtering and marking
• Inbound (Rx) traffic shaping
• Configuration backup and restore
• Private VLANs
• Link aggregation control support
• Port state monitoring
• Port mirroring
• NetFlow