vSphere 6.0: About the VMKernel Networking Level (Part-7)

In pervious post of this series, we learned pretty simple process about adding ESXi host(s) and migrating VMs to vSphere Distributed Switch (vDS) using step by step process. In this post, we’ll learn how VMKernel Networking layer provide connectivity to ESXi hosts and handles the standard system traffic such as vMotion, IP Storage, Fualt Tolerance, vSAN, and others. If you missed previous posts of this series, you can follow:

  1. Introduction to vSphere Standard Switch (vSS)
  2. How to Create Standard Switch (vSS)
  3. Configuring vSphere Standard Switch Policies
  4. Introduction to vSphere Distributed Switch
  5. Creating vSphere Distributed Switch
  6. Adding ESXi Hosts to vSphere Distributed Switch

 The VMKernel Networking layer provides connectivity to hosts and handles the standard system traffic of vMotion, IP Storage, Fault Tolerance, vSAN and others. VMKernel adapters can also be created on the source and target locations for managing vSphere Replication (VR) hosts to isolate the traffic.

For each VMKernel adapter, only one portgroup will be dedicated. One VMKernel adapter should only be handled one traffic type (vMotion, vSAN etc) at a time.

Note: I’m not going deep in how to create portgroup. Mayur Parmer explained beautifully in his post.

TCP/IP Stacks at the VMKernel Level

Following are the key points about TCP/IP stacks at the VMKernel level

  • Default TCP/IP stack
  • vMotion TCP/IP stack
  • Provisioning TCP/IP stack
  • Custom TCP/IP Stacks

Default TCP/IP stack: provides support for management traffic between vCenter Server and ESXi hosts.

vMotion TCP/IP stack: provides support for live migration of VMs between hosts. This isolates vMotion traffic from management traffic. When a VMKernel adapter is created on vMotion TCP/IP stack, it disabls the default TCP/IP stack for vMotion traffic.

Provisioning TCP/IP stack: supports network traffic for VM cloning, snapshot creation, and cold migration. It can also be used to handle NFC traffic during long-distance vMotion traffic. After configuring VMKernel adapter with provisioning TCP/IP stack, all adapters with default TCP/IP stack are disabled for the provisioning traffic.

Custom TCP/IP stacks: Custom TCP/IP stacks can be added at the VMKernel level to handle network traffic for custom application.

When TCP/IP stacks are configured with the VMKernel adapters, you should take security measures to prevent unauthorized access to the management and system traffic in your virtual environment. vMotion should be isolated with the ESXi hosts only participating in the migration process, and also isolate the management traffic in a network that only network and security administrator can access.

In next post, we’ll see how to create VMKernel adapter on vDS step by step.

 

I hope you have enjoyed reading this post. Thanks for Reading! Be social and share it to social media if you feel worth sharing it.

Source: Vmware vSphere 6.0 Documentation

Leave a Reply