- Virtual Switch (vSwitch): Manages virtual machines and networking at the host level. There is NEVER a direct connection between two vSwitches, and Spanning Tree is OFF. So EAST-WEST traffic is NOT ALLOWED between the vSwitches, and the only way out of a vSwitch is via UPLINKs (physical interconnections with the Physical Switch, NIC = VMNIC) that are teamed to work as one link. There are a variety of ways of teaming them (Active-Standby, LACP, etc.).
Since Spanning Tree is not running at all, be sure to configure BPDUGUARD and PORTFAST TRUNK on the physical ports of the Switch.
The existence of VLANs is inevitable in any kind of L2 environment, but in the case of vSphere, there are 3 methods to configure them:
- EST (External Switch Tagging), which is the default method; all Port Groups on a vSwitch are in VLAN 0. The Physical Switch port facing the host needs to be set to Access mode (any VLAN will work, depending on your network), because the traffic arrives untagged.
- VST (Virtual Switch Tagging), which means that you create a new port group and put it into the VLAN you want, and the VLAN is automatically created on the vSwitch. The Physical Switch needs to have the ports defined as Trunk.
- VGT (Virtual Guest Tagging), for when you want to TRUNK to the actual VMs (the VM receives dot1q-tagged packets for various VLANs). To do this, you need to set the VLAN to All (4095).
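
As an added example (not from the original post), this Python audit applies the rules above to a constructed inventory: VLAN ID 0 is EST, 1-4094 is VST, 4095 is VGT, and the physical port mode and BPDU guard/PortFast settings must match. The inventory layout, every name in it, and the requirement that VGT uplinks are trunk ports are assumptions of this example.

```python
# Constructed inventory: one entry per vSwitch, with the mode and STP edge
# settings of the physical switch ports behind its uplinks (all names hypothetical).
INVENTORY = [
    {"vswitch": "vSwitch0", "port_mode": "access", "bpduguard": True, "portfast": True,
     "port_groups": {"Management": 0}},
    {"vswitch": "vSwitch1", "port_mode": "trunk", "bpduguard": False, "portfast": True,
     "port_groups": {"Web": 10, "DB": 20, "Legacy": 0, "IDS-Sensor": 4095}},
]

def tagging_mode(vlan_id):
    """Map a port group's VLAN ID to its tagging mode: 0=EST, 1-4094=VST, 4095=VGT."""
    if vlan_id == 0:
        return "EST"
    if vlan_id == 4095:
        return "VGT"
    if 1 <= vlan_id <= 4094:
        return "VST"
    raise ValueError(f"invalid VLAN ID {vlan_id}")

# Physical port mode each tagging mode expects on the uplink side
# (VGT -> trunk is an assumption of this example, see lead-in).
REQUIRED_PORT_MODE = {"EST": "access", "VST": "trunk", "VGT": "trunk"}

def audit(inventory):
    """Return (vswitch, port_group, finding) tuples for settings that need review."""
    findings = []
    for sw in inventory:
        name = sw["vswitch"]
        # Spanning Tree does not run on the vSwitch, so the physical edge ports
        # need BPDU guard and PortFast configured on them.
        if not sw["bpduguard"]:
            findings.append((name, None, "BPDU guard missing on uplink switch ports"))
        if not sw["portfast"]:
            findings.append((name, None, "PortFast (trunk) missing on uplink switch ports"))
        for pg, vlan in sorted(sw["port_groups"].items()):
            mode = tagging_mode(vlan)
            if REQUIRED_PORT_MODE[mode] != sw["port_mode"]:
                findings.append((name, pg, f"{mode} port group behind {sw['port_mode']} port"))
            if mode == "VGT":
                # The guest sees all VLANs carried on the uplink, so review who owns the VM.
                findings.append((name, pg, "VLAN 4095: guest receives every trunked VLAN"))
    return findings

if __name__ == "__main__":
    for vswitch, pg, finding in audit(INVENTORY):
        print(f"{vswitch:9} {pg or '-':12} {finding}")
```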