VMware vSphere provides a rich set of networking capabilities that integrate well with sophisticated enterprise networks. These networking capabilities are provided by the ESXi server and managed by vCenter. Virtual networking provides the ability to network virtual machines in the same way physical machines are networked. Virtual networks can be built within a single ESXi server host or across multiple ESXi server hosts. VxRail ESXi hosts use a virtual switch for communication among virtual machines in the VxRail cluster using the same protocols that would be used over physical switches, without the need for additional networking hardware. The virtual switch also supports VLANs that are compatible with standard VLAN implementations from switch vendors. A virtual switch, like a physical Ethernet switch, forwards frames at the data-link layer.
Virtual Ethernet adapters are the key vSphere components for virtual networking. A virtual machine can be configured with one or more virtual Ethernet adapters, each of which has its own IP address and MAC address. As a result, virtual machines have the same properties as physical machines from a networking standpoint. In addition, virtual networks enable functionality not possible with physical networks today. Virtual Ethernet adapters are used both by individual virtual machines and by the virtual switches, which connect virtual machines to each other and connect both virtual machines and the ESX Server service console to external networks.
The virtual switch links to the external network through outbound Ethernet adapters called vmnics, and the virtual switch can bind multiple vmnics together (much like NIC teaming on a traditional server), extending availability and bandwidth to the virtual machines it services.
Virtual switches are similar to their physical-switch counterparts. Like a physical network device, each virtual switch is isolated for security and has its own forwarding table. An entry in one table cannot point to a port on another virtual switch. The switch looks up only destinations that match the ports on the virtual switch where the frame originated. This design prevents an attacker from breaking virtual switch isolation. Virtual switches also support VLAN segmentation at the port level, so each port can be configured either as an access port to a single VLAN or as a trunk port to multiple VLANs.
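The isolation rule described above can be modelled in a few lines. The following is an added illustration, not VMware or VxRail code: the `Port` and `VirtualSwitch` classes, the port names, and the MAC addresses are all constructed for the example, and the model assumes that table entries are registered when a port is attached and leaves uplinks out.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Port:
    name: str
    mac: str
    vlans: frozenset  # one VLAN = access port, several VLANs = trunk port

@dataclass
class VirtualSwitch:
    name: str
    # Forwarding table private to this switch: (vlan, mac) -> Port
    table: dict = field(default_factory=dict)

    def connect(self, port):
        # Assumption of this model: entries are registered when a port is attached.
        for vlan in port.vlans:
            self.table[(vlan, port.mac)] = port

    def forward(self, src, dst_mac, vlan):
        """Return the egress port name, or None when the frame is not delivered."""
        # The frame must enter on a port of this switch that carries the VLAN.
        if self.table.get((vlan, src.mac)) is not src:
            return None
        # Only this switch's own table is consulted (uplinks are left out).
        dst = self.table.get((vlan, dst_mac))
        return dst.name if dst else None

# Constructed sample topology: two switches, access ports and one trunk port.
web = Port("web", "00:50:56:00:00:01", frozenset({10}))      # access, VLAN 10
db = Port("db", "00:50:56:00:00:02", frozenset({20}))        # access, VLAN 20
fw = Port("fw", "00:50:56:00:00:03", frozenset({10, 20}))    # trunk, VLANs 10 and 20
backup = Port("backup", "00:50:56:00:00:04", frozenset({10}))

vs_a, vs_b = VirtualSwitch("vs-a"), VirtualSwitch("vs-b")
for p in (web, db, fw):
    vs_a.connect(p)
vs_b.connect(backup)

if __name__ == "__main__":
    print(vs_a.forward(web, fw.mac, 10))      # same switch, same VLAN
    print(vs_a.forward(web, db.mac, 10))      # same switch, different VLAN
    print(vs_a.forward(web, backup.mac, 10))  # destination on another switch
```

The last call shows the point of the paragraph: `backup` shares VLAN 10 with `web`, but because it is attached to a different virtual switch, no entry in the first switch's table can reach it.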
VxRail clusters use the VMware Virtual Distributed Switch (VDS), which functions as a single switch that spans across multiple nodes in the same cluster. This switch enables virtual machines to maintain consistent network configuration as they migrate across multiple hosts. A distributed switch is configured in vCenter Server at the datacenter level and makes the configuration consistent across all hosts. vCenter Server stores the state of distributed ports in the vCenter Server database. Networking statistics and policies migrate with virtual machines when the virtual machines are moved from host to host. As discussed in upcoming sections, vSAN relies on VDS for its storage-virtualization capabilities, and the VxRail system uses VDS for system traffic.
The following figure provides an overview of VDS.
Figure 32. Virtual Distributed Switch (VDS)