In the previous blog we saw how Linux supports virtual networking using bridges. VMware vSphere is the most popular hypervisor brand in the world and it is natural that it also supports virtual networking. In fact vSphere supports some very advanced networking functions, that are not available in most of the other hypervisors.
Let me introduce the key elements of VMware virtual networking. After reading this blog, I recommend that you read the official guide about virtual networking.
VMware Virtual Networking – pictorial overview
Here is a picture that captures the important entities part of VMware virtual networking.
The Virtual Switch is the most important entity in a Virtual Network. We have seen this in case of Linux Bridge also.
VMware supports two flavors of virtual switches. These are vSphere Standard Switch (VSS) and vSphere Distributed Switch (VDS). While VSS is available on all editions of vSphere, the distributed switch (VDS) is available only on the Enterprise Plus Edition. In addition, you will need VMware vCenter software to exploit the capabilities of VDS.
The main purpose of VSS and VDS is to support Layer-2 (Ethernet) packet processing and forwarding. They act as the conduit for carrying network traffic from virtual machines into the physical network.
Virtual ports are supported in two flavors – access port and uplink port. Access ports are used to connect the virtual Ethernet adapter (vNIC) of a VM to the virtual switch. On the other hand, the uplink ports are used to connect the virtual switch to the host’s physical Ethernet adapter (pNIC).
The number of ports on a physical switch are limited by the physical dimension of the switch. But virtual switches can support very large number of ports.
But managing large number of ports and their configuration can be a daunting task. In order to ease the management of virtual ports, VMware supports the notion of Port Group.
The main entity that binds a VM’s virtual Ethernet adapter (vNIC) to a virtual switch is actually the Port Group. In VMware virtual networking, all networking related operations and management is performed on a Port Group. And Port Group are quite simply a collection of virtual ports. When a VM is created, users have to select the Port Group for every vNIC in the VM. Internally the hypervisor creates a virtual port for this vNIC. Note: the virtual port inherits all the configuration from the selected Port Group.
In addition to providing a convenient way to manage virtual ports, the Port Groups play another critical role. The logical separation of a LAN using VLANs is supported using Port Groups. As a user you can configure a VLAN ID on Port Group to logically partition your virtual network.
Even though a Port Group exists as an entity within the hypervisor host, the association of a VLAN to a Port Group, gives it a network-wide flavor. In that sense, a “set of Port Groups” with same VLAN ID, represents a true virtual network in VMware virtual networking environment.
The relationship between various entities in VMware Virtual networking can be described as follows:
- A virtual switch contains one or more port groups (zero or more for the purists).
- A port group contains one or more virtual ports.
- Access virtual port (or access port group) provides connectivity to a VM’s virtual network adapter (vNIC)
- Uplink virtual port (or uplink port group) provides connectivity to the host’s physical network adpater (pNIC)