Today we'll cover another objective from VCP-DCV 2019 certification and we'll talk about the difference between vSphere standard switches (vSS) and vSphere Distributed Switches (vDS). Chapter after chapter we're getting closer to fill the blueprint objectives and help students to study and pass the Professional vSphere 6.7 Exam 2019. Today's chapter: VCP6.7-DCV Objective 1.8 – Differentiate between VDS and VSS.
We basically cover what we think that’s important for each chapter since there are no special guidelines and sub-chapters like in the VCP6.5-DCV Study Guide. As such, you should not rely on our information only. Perhaps it is also a good idea to download the older VCP6.5-DCV study guide PDF as the structure of each chapter is much more detailed and IMHO gives better support to study.
Check out: VMware Certification Changes in 2019. No mandatory recertification after 2 years. Older certification holders (up to VCP5) can pass the new exam without a mandatory course, only recommended courses are listed).
You don't have to pass the latest exam to become VCP-DCV 2019 certified. Did you know?
To become VCP-DCV 2019 certified you have 3 different choices of exam:
- Professional vSphere 6.7 Exam 2019
- VCP6.5-DCV: VMware Certified Professional 6.5 – Data Center Virtualization exam (our VCP6.5-DCV Study Guide Page which is complete)
- VCP6.5-DCV DELTA: VMware Certified Professional 6.5 – Data Center Virtualization Delta exam
Note: You must be VCP5, or VCP6. If, not, you must attend a class and you have no “Delta” exam option.
The Professional vSphere 6.7 Exam 2019 (2V0-21.19) which leads to VMware Certified Professional – Data Center Virtualization 2019 (VCP-DCV 2019) certification is:
- A 70-item exam
- Passing score of 300 using a scaled scoring method.
- Candidates are given 115 minutes to complete the exam
VCP6.7-DCV Objective 1.8 – Differentiate between VDS and VSS
A vSphere Standard Switch is very similar to a physical Ethernet switch. Virtual machine network adapters and physical NICs on the host use the logical ports on the switch as each adapter uses one port. Each logical port on the standard switch is a member of a single port group.
When it is connected to the physical switch using a physical Ethernet adapter also called uplink, you can have a connection between your virtual infrastructure and the physical (outside) world.
vSphere Standard Switch (VSS)
It works much like a physical Ethernet switch. It detects which virtual machines are logically connected to each of its virtual ports and uses that information to forward traffic to the correct virtual machines. A vSphere standard switch can be connected to physical switches by using physical Ethernet adapters, also referred to as uplink adapters, to join virtual networks with physical networks.
This type of connection is similar to connecting physical switches together to create a larger network. Even though a vSphere standard switch works much like a physical switch, it does not have some of the advanced functionality of a physical switch.
How to create a standard vswitch?
Select Host > Configure > Networking > Virtual Switches > Add. At the same time, the assistant proposes you to create either VMkernel network adapter, VM port group or Physical network adapter.
vSphere Distributed Switch
A vSphere distributed switch acts as a single switch across all associated hosts in a data center to provide centralized provisioning, administration, and monitoring of virtual networks. You configure a vSphere distributed switch on the vCenter Server system and the configuration is propagated to all hosts that are associated with the switch.
This lets virtual machines maintain consistent network configuration as they migrate across multiple hosts.
Where to? Right-click Datacenter > Create new distributed switch.
VLAN – VLAN enables a single physical LAN segment to be further segmented so that groups of ports are isolated from one another as if they were on physically different segments. The standard is 802.1Q.
vSphere Standard Port Group – Network services connect to standard switches through port groups. Port groups define how a connection is made through the switch to the network. Typically, a single standard switch is associated with one or more port groups. A port group specifies port configuration options such as bandwidth limitations and VLAN tagging policies for each member port.
Each port group on a standard switch is identified by a network label, which must be unique to the current host. You can use network labels to make the networking configuration of virtual machines portable across hosts. You should give the same label to the port groups in a data center that use physical NICs connected to one broadcast domain on the physical network
vSphere Distributed Port Group – A port group associated with a vSphere distributed switch that specifies port configuration options for each member port. Distributed port groups define how a connection is made through the vSphere distributed switch to the network.
Nic Teaming – NIC teaming occurs when multiple uplink adapters are associated with a single switch to form a team. A team can either share the load of traffic between physical and virtual networks among some or all of its members, or provide passive failover in the event of a hardware failure or a network outage.
VMkernel port – VMkernel networking layer provides connectivity to hosts and handles the standard infrastructure traffic of vSphere vMotion, IP storage, Fault Tolerance, and vSAN.
Uplink port – ethernet adapter connected to the outside world. To connect with physical networks.
I invite you to read the vSphere Networking PDF for more details. You can find the link to the PDF on the VCP6.7-DCV Study Guide – VCP-DCV 2019 certification page.
Further reading of the document will give you details on:
- Managing networking on multiple hosts on a VDS
- Migrating VMKernel adapters to VDS
- Create VMkernel adapters on VDS
- Use Host as a template to create a uniform networking configuration on VDS
Policies set at the standard switch or distributed port group level apply to all of the port groups on the standard switch or to ports in the distributed port group. The exceptions are the configuration options that are overridden at the standard port group or distributed port level.
Teaming and Failover Policy – NIC teaming lets you increase the network capacity of a virtual switch by including two or more physical NICs in a team. To determine how the traffic is rerouted in case of adapter failure, you include physical NICs in a failover order. To determine how the virtual switch distributes the network traffic between the physical NICs in a team, you select load balancing algorithms depending on the needs and capabilities of your environment.
NIC Teaming Policy – You can use NIC teaming to connect a virtual switch to multiple physical NICs on a host to increase the network bandwidth of the switch and to provide redundancy. A NIC team can distribute the traffic between its members and provide passive failover in case of adapter failure or network outage. You set NIC teaming policies at virtual switch or port group level for a vSphere Standard Switch and at a port group or port level for a vSphere Distributed Switch.
Load Balancing policy – The Load Balancing policy determines how network traffic is distributed between the network adapters in a NIC team. vSphere virtual switches load balance only the outgoing traffic. Incoming traffic is controlled by the load balancing policy on the physical switch.
Check the vSphere Networking PDF for more details. You'll find more about:
- VLAN policy
- Security policy
- Traffic shaping policy
- Resource allocation policy
- Monitoring policy
- Traffic filtering and marking policy
- Port blocking policy
We simply can't squeeze all the networking knowledge into a single post. I'd recommend also consulting the VCP6.5-DCV Study Guide page (or get the full PDF here) where you can find other chapters concerning networking in vSphere, further detailed:
- Configure policies/features and verify vSphere networking
- Configure Network I/O control (NIOC)
- Troubleshoot vSphere Storage and Networking
Some best practices:
Dedicate a separate physical NIC to a group of virtual machines, or use Network I/O Control and traffic shaping to guarantee bandwidth to the virtual machines.
To physically separate network services and to dedicate a particular set of NICs to a specific network service, create a vSphere Standard Switch or vSphere Distributed Switch for each service. If not possible, separate network services on a single switch by attaching them to port groups with different VLAN IDs.
Keep the vSphere vMotion connection on a separate network. When migration with vMotion occurs, the contents of the guest operating system’s memory is transmitted over the network. You can do this either by using VLANs to segment a single physical network or by using separate physical networks (the latter is preferable).
Follow the progress of the VCP6.7-DCV Study Guide page for further updates.
More from ESX Virtualization
- What is VMware vCenter Convergence Tool?
- What is VMware Platform Service Controller (PSC)?
- What is vCenter Embedded Linked Mode in vSphere 6.7?
- VMware vExpert 2019 – This is vExpert x11
- How To Reset ESXi Root Password via Microsoft AD
- How to Patch VMware vCenter Server Appliance (VCSA) 6.7 Offline