Post on 16-Apr-2017
vSphere Distributed Switch 6.0 –Technical Deep Dive
Jason Nash, SiriusChris Wahl, Rubrik
NET4976
#NET4976
• This presentation may contain product features that are currently under development.
• This overview of new technology represents no commitment from VMware to deliver these features in any generally available product.
• Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind.
• Technical feasibility and market demand will affect final delivery.
• Pricing and packaging for any new technologies or features discussed or presented have not been determined.
Disclaimer
CONFIDENTIAL 2
What You’ve Done with NSX
CONFIDENTIAL 3
NSX Customers700+
Production Deployments(adding 25-50 per quarter)
100+
Organizations invested US$1M+ in NSX
65+
What You’re Doing Next
EXPANDED SECURITY
New security partners, integrations, and projects and applications of NSX.
DEEPER INTEGRATION
New infrastructure and operations partners, integrations, and frameworks for IT organizations
√APPLICATION CONTINUITY
New functionality to scale deployments across vCenter instances, with the ability to:
• Pool resources from multiple data centers• Recover from disasters faster• Deploy a hybrid cloud architecture
• NSX 6.2 contains over 20 new features• Tested against over 1000 new scenarios
vSphere Distributed Switch 6.0A Technical Deep Dive
Jason “Starbucks Cup” Nash
VMware Certified Design Expert (VCDX) #49
Author of many courses on PluralSight
Best streak is 247 straight on the skeet field
Chris “The Sheriff” Wahl
VMware Certified Design Expert (VCDX) #104
Author, Networking for VMware Administrators
Likes big hats
The 2014 Deep Dive
MigrationVSS to VDS
Mixing 1Gb and 10Gb
Hosts
Handling vMotion
Saturation
vSphere Replication Bandwidth
Quality of Service Tagging
Load Based Teaming vs
Link Aggregation
New Hotness in 2015!Granular Network Guarantees• Network I/O Control Version 3.0• Setting guarantees on virtual machines and DPGs
Using Multiple TCP/IP Stacks• Setup a supported Routed vMotion environment• Migrate workloads from one vCenter to another
100% VDS Fueled Data Center• How to protect vCenter Server and other dependencies• Toss out the Standard vSwitch completely
WHAT’S NEWThe vSphere Distributed Switch 6.0
Are You Using thevSphere Distributed Switch
(VDS)?
The Hit List
Network I/O Control (NIOC)
Version 3.0
Multicast (IGMP) Snooping
Multiple TCP/IP Stack for vMotion
What About the Cisco Nexus 1000v?• VMware no longer sells the Nexus 1000v• Nexus 1000v is supported in vSphere 6.0 Requires 5.2(1)SV3(1.4) or Later
• Cisco Nexus 1000v AVS Mode = Not Supported
http://www.vmware.com/products/cisco-nexus-1000V
“The Nexus 1000v … is the market leading 3rd party virtual switch in the industry”
Compared to the IBM 5000V
BUILD AND UPGRADEThe vSphere Distributed Switch 6.0
VDS 4.0We hardly knew thee
Way more helpful details!
Beware!
VDS 5.0 VDS 5.1 VDS 5.5 VDS 5.5 + LACP VDS 6.0 VDS 6.0
+ LACP
VDS 5.1 VDS 5.5 VDS 5.5 + LACP VDS 6.0 VDS 6.0
+ LACP
VDS 5.5 + LACP
VDS 6.0 + LACP
VDS 6.0 + LACP
VDS 5.5
VDS 5.5 + LACP VDS 6.0 VDS 6.0
+ LACP
VDS 6.0
VDS 6.0 + LACP
Network I/O Control Version 3“Learn how to leverage the new NIOC version 3 features found in the VDS 6.0 for building robust multi-tenant configurations”
Tips and Caveats for Reservations
• More guardrails = less fluidity in the data center
• The best designs are simple
• Are you solving a problem?
Traffic Placement Engine• Places VM’s network adapter on optimal NIC• Must be able to meet reservation• Still adheres to teaming policies Active, standby, and unused
• Two control points Distributed Port Group (all VMs attached) Virtual Machine (per VM)
Bandwidth Admission Control• Validation at VM power on Must meet minimum bandwidth to VM’s network adapter Reservation is less than the free quota in the pool
• Changes are validated in real time Violations prevents change from applying
Related FunctionalityvSphere DRS
DRS will migrate when …• Reservation exceeds host
capacity• NIC fails
vSphere HA
HA considers the reservations when powering on a VM
VDS 5.5GUI Layout
VDS 6.0New Fields
75% Maximum Reservation
Assign Reservation to theVirtual Machine System Class
Bandwidth reservation is based on network adapter quantity and speedDo the math!
0.5 Gbps per NICx 6 NICs (2 per server)
= 3.0 Gbps globally
Assign a reservation value (Mbps) to theVirtual Machine System Class
Associate port group(s) with the resource pool(s)
Bask in the amazement!
Multiple TCP/IP Stacks“Gain valuable insight on how to best configure your VDS to take advantage of the new vMotion TCP/IP stack for routed traffic”
Cross vSwitch vMotion• Choose destination network when vMotioning VMs• Can go between
vSS to vSS vSS to vDS vDS to vDS
• Note that vDS to vSS is NOT supported vDS includes metadata that vSS doesn’t support
• Does NOT change IP address
Cross vCenter vMotion• vMotion VMs from one vCenter to
another Must be in same SSO domain
• Supports shared or shared nothing storage configurations
• Even migrates things such as HA settings DRS settings Alarms Events
Other Requirements• Must be on Enterprise Plus licensing!
• vCenter Servers must be in Enhanced Linked Mode
• Make sure you have good time sync of the vCenters
Long Distance vMotion• Can now vMotion across links up to *150ms* of
latency! No more 10ms limit!
• Keep in mind that this can affect VM application performance
Do this in non-peak hours
Protecting vCenter with a VDS“Discover how easy it can be to begin using the vSphere Distributed Switch (VDS) for all workloads, even vCenter and other management dependencies”
Ephemeral BindingPer port group setting
Ephemeral Ports Still Available
Further ReadingChoosing a port binding type in ESX/ESXihttp://kb.vmware.com/kb/1022312
Protecting a Distributed Switch with Ephemeral Bindinghttp://wahlnetwork.com/2015/01/30/vds-ephemeral-binding/
Thank you for attending!
NSX Ecosystem
CONFIDENTIAL 54
Service Insertion“Leverage full automation and
service insertion for NSX”
NSX aware“Leverage NSX API and
metadata to bring a solution”
Co-existence“Let’s meet in the network”
Works with any switching fabric
Works with routing ecosystem using
traditional protocols
Existing Physical firewall provide security sitting in front of NSX Edge at layer 3
Existing Physical/virtual ADC services can connect to NSX at layer 2 or layer 3
Network Virtualization Next Steps with VMware NSX
CONFIDENTIAL 55
virtualizeyournetwork.com
The online resource for the people, teams and organizations that are adopting network virtualization
communities.vmware.com
Connect and engage with network virtualization experts and fellow VMware NSX users
vmware.com/go/NVtraining
Build knowledge and expertise for the next step in your career
labs.hol.vmware.com
Test drive the capabilities of VMware NSX
vSphere Distributed Switch 6.0 –Technical Deep Dive
Jason Nash, SiriusChris Wahl, Rubrik
NET4976
#NET4976