Vmware добавить port group
Для этого выбираем наш хост, жмем на вкладку Configure, и в разделе Networking выбираем Virtual Switches.
Поскольку у нас на хосте имеется два сетевых адаптера(как установить драйвер на неподдерживаемую сетевую карту мы рассматривали в статье), давайте добавим нашу сетевую карту в виртуальный свич и настроим так называемый тиминг(объединение сетевых интерфейсов).
Виртуальных коммутаторов на хосте может быть несколько. Если вы хотите, чтобы ваши виртуальные машины находились в изолированной сети, можно создать виртуальный коммутатор, не используя сетевые адаптеры.
Ну а мы рассмотрим настройку обычного виртуального свича.
Procedure
For example, if a distributed switch will be associated with a cluster of datacenter management hosts, you could name the switch VDS_Mgmt.
By default, four uplinks are created. Adjust the number of uplinks to reflect your VDS design. The number of uplinks required is normally equal to the number of physical NICs you allocate to the VDS.
The default port group is just one of the port groups that this switch will contain. You will have an opportunity after the switch is created to add port groups for different traffic types. Optionally, you can untick Create a default port group option when creating a new VDS. This may in fact be the best practice; it's best to be explicit when creating port groups.
For example, if your host management interfaces are in VLAN 110, place the default port group in VLAN 110. If your host management interfaces are not in a VLAN, skip this step.
Repeat this step for each traffic type, making sure to provide a meaningful name for each port group and making sure to configure the proper VLAN ID based on the traffic separation requirements of your deployment.
Example group settings for storage.
Example group settings for vMotion traffic.
The completed distributed switch and port groups looks like this.
Attach all hosts that are in the associated cluster. For example, if the switch is for management hosts, select all of the hosts that are in the management cluster.
For example, this screen shows two hosts with their vmnic0 uplinks configured to migrate from their respective standard vSwitch to the distributed Mgmt_VDS-DVUplinks port group, which is a trunk port that can carry any VLAN ID.
For example, this screen shows three vmk network adapters on two hosts configured to be migrated from the standard port groups to the new distributed port groups.
For example, this screen shows two VMs on a single host configured to be migrated from the standard port group to the new distributed port group.
Сети виртуальных машин.
Сеть виртуальных машин создается аналогично, только в мастере нужно выбрать Virtual Machine Port Group
Выбрать или создать VSwitch
указать название сети и VLAN
и завершить создание
После этого в нашем виртуальном коммутаторе появится еще одна сеть виртуальных машин и в настройках виртуальных машин станет доступно подключение к этой сети.
Дополнительный виртуальный коммутатор можно создать при создании VMkernel или VM Network. Как я уже говорил, наличие физического сетевого адаптера требуется только, если ВМ должны иметь доступ к внешним ресурсам(находящимся не на данном хосте ESXi).
Ну вот вкратце и всё по настройке сети VMware. Если что-то осталось не рассмотренным или непонятным, пишите в комментариях, — будем дополнять.
When you are logged in to an ESXi host with the VMware Host Client , you can configure various networking settings, such as the port group name, VLAN ID, and virtual switch.
Prerequisites
This example assumes that each ESX host to be connected to the vSphere distributed switch has at least one connection to a physical switch (one vmnic uplink). This uplink can be used for the distributed switch and NSX VXLAN traffic.
VMware настройка сети. Настройка виртуального коммутатора.
Выбираем наш единственный виртуальный коммутатор и нажимаем на значок сетевой карты
В открывшемся окне видим, что у нас сейчас активен один сетевой адаптер vmnic0. Жмем на зеленый плюс, чтобы добавить второй
Видим нашу вторую сетевуху, выбираем ее и группу адаптеров, в которую нужно ее добавить(в нашем случае Active adapters).
Active adapters — сетевая карта будет использоваться
Standby adapters — сетевая карта будет задействована в случае выхода из строя основной
Unused adapters — сетевая карта не будет использоваться.
На следующем экране видим, что наши адаптеры находятся в группе активных(можно поменять группу адаптера с помощью синих стрелок, а также удалить адаптер или добавить еще).
Жмем ОК и видим, что теперь в нашем свиче два сетевых адаптера(у меня подключен только один, поэтому VMware «сигналит», что отказоустойчивость потеряна.
В виртуальных свичах VMware есть сеть для виртуальных машин VM Network(сюда подключаются виртуальные машины) и VMkernel, предназначенный для служебного трафика(Management, VMotion, iscsi и т.п.).
Давайте настроим наш управляющий интерфейс, который используется для управления хостом.
Выделяем окно с заголовком Management Network и нажимаем на карандаш для редактирования.
В настройках Management Network вы можете изменить название сети, VLAN(если используется), настройки безопасности, traffic shaping(в стандартном свиче ограничивается только исходящий трафик) и режим файловера и балансировки нагрузки.
Интерфейсы VMkernel.
Думаю, нужно еще рассмотреть настройки интерфейса VMkernel, используемого для служебных нужд.
Интерфейсов VMkernel может(и должно) быть несколько, чтобы разделить трафик управления от, например, трафика iscsi. Желательно, чтобы это были физически разделенные сети, ну или, хотя бы, на уровне VLANs.
Давайте настроим несколько таких интерфейсов.
Выбираем в секции Networking вкладку VMkernel adapters, выделяем пока единственный vmk0 и жмем карандаш для редактирования
В открывшемся окне на первой вкладке выбираем тип трафика, который разрешен на этом интерфейсе(давайте разрешим здесь еще VMotion — трафик миграции ВМ).
На других вкладках этого мастера можно изменить такие настройки как MTU, настройки IPv4 и IPv6.
После нажатия ОК настройки будут сохранены.
Теперь давайте создадим еще один VMkernel для трафика, например Fault Tolerance. Настройка сети для трафика хранилищ iscsi описана в статье Как подключить iscsi-lun к хосту esxi.
Итак, жмем на глобус с плюсом, чтобы добавить новый адаптер VMkernel
Выбираем тип VMkernel Network Adapter
Выбираем, использовать имеющийся или создать новый виртуальный коммутатор(мы выберем наш единственный). Жмем Next.
На следующем экране задаем имя нашего адаптера, выбираем какой версии протокол IP будет использоваться и какой трафик
Указываем сетевые настройки(статика или DHCP)
На завершающем экране мастера проверяем настройки и жмем Finish.
Видим, что теперь у нас появился второй VMkernel адаптер, который будет использован для передачи трафика Fault Tolerance logging.
Procedure
- Click Networking in the VMware Host Client inventory and click Port groups .
- Right-click the port group in the list that you want to edit and select Edit settings .
- (Optional) Enter a new port group name.
- (Optional) Enter a new value for the VLAN ID.
External Switch Tagging (EST)
The virtual switch does not pass traffic associated with a VLAN.
Virtual Switch Tagging (VST)
The virtual switch tags traffic with the tag that you entered.
Virtual Guest Tagging (VGT)
Virtual machines handle VLANs. The virtual switch permits traffic from any VLAN.
- Reject . Placing a guest adapter in promiscuous mode has no effect on which frames are received by the adapter.
- Accept . Placing a guest adapter in promiscuous mode causes it to detect all frames passed on the vSphere distributed switch that are allowed under the VLAN policy for the port group that the adapter is connected to.
- Inherit from vSwitch . Placing a guest adapter in promiscuous mode causes it to inherit the configuration from the associated virtual switch.
If the guest operating system changes back the MAC address to match the MAC address in the .vmx configuration file, inbound frames are passed again.
- Reject . Any outbound frame with a source MAC address that is different from the one set on the adapter are dropped.
- Accept . No filtering is performed and all outbound frames are passed.
- Inherit from vSwitch . The outbound frame configuration is inherited from the associated virtual switch.
- Inherit from vSwitch . Choose the uplink that is selected for the associated virtual switch.
- Route based on IP hash . Choose an uplink based on a hash of the source and destination IP addresses of each packet. For non-IP packets, whatever is at those offsets is used to compute the hash.
- Route based on source MAC hash . Choose an uplink based on a hash of the source Ethernet.
- Route based on originating port ID . Choose an uplink based on the originating port ID.
- Use explicit failover order . Always use the highest order uplink from the list of active adapters which passes failover detection criteria .
Note: IP-based teaming requires the physical switch to be configured with EtherChannel. For all other options, EtherChannel must be disabled.
- Inherit from vSwitch . Inherits the respective configuration of the associated virtual switch.
- Link Status only . Relies only on the link status that the network adapter provides. This option detects failures, such as cable pulls and physical switch power failures, but not configuration errors, such as a physical switch port being blocked by a spanning tree or that is misconfigured to the wrong VLAN or cable pulls on the other side of a physical switch.
- Beacon only . Sends out and listens for beacon probes on all NICs in the team and uses this information, in addition to link status, to determine a link failure. This detects many of the failures that are not detected by link status only.
Select Yes , No , or Inherit from vSwitch to notify switches if a failover occurs.
If you select Yes , when a virtual NIC is connected to the distributed switch or that virtual NIC’s traffic is routed over a different physical NIC in the team because of a failover event, a notification is sent out over the network to update the lookup tables on physical switches. In almost all cases, this process is preferred for the lowest latency of failover occurrences and migrations with vMotion.
Note: Do not use this option when the virtual machines using the port group are using Microsoft Network Load Balancing in unicast mode. No such issue exists with NLB running in multicast mode.
This option determines how a physical adapter is returned to active duty after recovering from a failure. If failback is set to the default setting of Yes , the adapter returns to active duty immediately upon recovery, displacing the standby adapter that took over its slot, if any. If failback is set to No , a failed adapter is left inactive even after recovery until another currently active adapter fails, requiring its replacement.
- Active Uplinks . Continue to use the uplink when the network adapter connectivity is up and active.
- Standby Uplinks . Use this uplink if one of the active adapter’s connectivities is down.
Note: When using IP-hash load balancing, do not configure standby uplinks. You cannot configure failover order if any of the port group components are configured to inherit the configuration from the associated virtual switch.
Traffic shaping policy is applied to the traffic of each virtual network adapter attached to the virtual switch.
This example shows how to create a new vSphere distributed switch (VDS); add port groups for management, storage, and vMotion traffic types; and migrate hosts on a standard vSwitch to the new distributed switch.
Procedure
- Static binding : Assign a port to a virtual machine when the virtual machine connects to the distributed port group.
- Ephemeral - no binding : No port binding. You can assign a virtual machine to a distributed port group with ephemeral port binding also when connected to the host.
- Elastic: The default number of ports is eight. When all ports are assigned, a new set of eight ports is created.
- Fixed : The default number of ports is set to eight. No additional ports are created when all ports are assigned.
- None : Do not use VLAN. Select this if you are using External Switch Tagging.
- VLAN : In the VLAN ID text box, enter a number between 1 and 4094 for Virtual Switch Tagging.
- VLAN trunking : Enter a VLAN trunk range.
Use this option for Virtual Guest Tagging.
- Reject . Placing an adapter in promiscuous mode from the guest operating system does not result in receiving frames for other virtual machines.
- Accept . If an adapter is placed in promiscuous mode from the guest operating system, the switch allows the guest adapter to receive all frames passed on the switch in compliance with the active VLAN policy for the port where the adapter is connected.
Firewalls, port scanners, intrusion detection systems, and so on, must run in promiscuous mode.
If the guest OS changes the MAC address back, the virtual machine receives frames again.
- Reject . The switch drops any outbound frame with a source MAC address that is different from the one in the .vmx configuration file.
- Accept . The switch does not perform filtering and permits all outbound frames.
- Route based on originating virtual port . Choose an uplink based on the virtual port where the traffic entered the distributed switch.
- Route based on IP hash . Choose an uplink based on a hash of the source and destination IP addresses of each packet. For non-IP packets, whatever is at those offsets is used to compute the hash.
- Route based on source MAC hash . Choose an uplink based on a hash of the source Ethernet.
- Route based on physical NIC load . Choose an uplink based on the current loads of physical NICs.
- Use explicit failover order . Always use the highest order uplink from the list of Active adapters which passes failover detection criteria.
Note: IP-based teaming requires that the physical switch is configured with EtherChannel. For all other options, disable EtherChannel.
- Link status only . Relies solely on the link status that the network adapter provides. This option detects failures, such as cable pulls and physical switch power failures, but not configuration errors, such as a physical switch port being blocked by spanning tree or that is misconfigured to the wrong VLAN or cable pulls on the other side of a physical switch.
- Beacon probing . Sends out and listens for beacon probes on all NICs in the team and uses this information, in addition to link status, to determine link failure. This detects many of the failures previously mentioned that are not detected by link status alone.
Select Yes or No to notify switches in case of failover. If you select Yes , whenever a virtual NIC is connected to the distributed switch or whenever that virtual NIC’s traffic might be routed over a different physical NIC in the team because of a failover event, a notification is sent out over the network to update the lookup tables on physical switches. In almost all cases, this process is desirable for the lowest latency of failover occurrences and migrations with vMotion.
Note: Do not use this option when the virtual machines using the port group are using Microsoft Network Load Balancing in unicast mode. No such issue exists with NLB running in multicast mode.
This option determines how a physical adapter is returned to active duty after recovering from a failure. If failback is set to Yes (default), the adapter is returned to active duty immediately upon recovery, displacing the standby adapter that took over its slot, if any. If failback is set to No , a failed adapter is left inactive even after recovery until another currently active adapter fails, requiring its replacement.
- Active uplinks . Continue to use the uplink when the network adapter connectivity is up and active.
- Standby uplinks . Use this uplink if one of the active adapters' connectivity is down.
- Unused uplinks . Do not use this uplink.
Selecting Yes shuts down all ports in the port group. This action might disrupt the normal network operations of the hosts or virtual machines using the ports.
VM Port group provides are created in vSwitch. VM port group assigned to VM based on the requirements. You can set or configure the different policies on VM port groups. VM port group also helps in distributing the VM with specific options. So in this post i will show you how you can add new VM port group to existing vSwitch from vSphere Web Client.
Let’s check out how you can easily create VM Port group on vSwitch Step by Step:-
Step 1:
Login to vSphere Web Client.
Step 2:
Choose the Hosts & Clusters from the Home Screen.
Step 3:
Choose the vSwtich on which you want to add VM port group.
Choose Following as shown:-
ESXi Host > Manage > Networking > Virtual Switches.
Here you will find your vSwitch.
Click on the icon shown with Number 5 to add new VM port group.
Step 4:
Add Networking Wizard will open.
Choose the third option “Virtual Machine Port Group for a Standard Switch”
Click Next to proceed.
Step 5:
Choose the first option to add VM port group to existing vSwitch & click Browse to select vSwitch.
Step 6:
Choose your vSwitch on which you want to add new VM port group.
Click OK to choose.
Click Next to Continue.
Step 7:
Here you will have to provide the Network Label name for your VM port group.
You can also provide the VLAN ID if you have.
Click Next to continue.
Step 8:
Review all the configurations you have done.
click Finish to add new VM port group.
That’s it you have successfully added new VM port group you can also check added VM port group by choosing the vSwitch.
Using this way you can create multiple vm port groups.
Checkout Our Posts on vSwitch :-
- What is vSwitch ?
- How to Create vSwitch ?
- How to add Uplinks in vSwitch ?
- How to Configure NIC Teaming in vSwitch ?
- How to Configure Traffic Shaping in vSwitch ?
- What are vSwitch Security Policies ?
- How to Configure vSwitch Security Policies ?
- Difference Between vSphere Standard Switch & vSphere Distributed Switch.
That’s it for Today Friends. I Hope you liked reading this post & If you find anything more to be added or removed feel free to write it in our comments. If you find it useful You are Feel free to share this on social media to help others & spread knowledge.
If you have any query on any thing you are free to write it in our comments section & we will make sure to provide you the better solution as soon as possible.
Checkout our Facebook Group for discussions & more.
You can also Like & Share our Facebook Page for Latest Updates.
Results
After the procedure is complete, in the host CLI you can verify the results by running the following commands:
To create a distributed switch network for your virtual machines, and to associate VMkernel adapters, you can add a distributed port group to a vSphere Distributed Switch .
Related to adding a port group, is applying VLAN tagging globally on all distributed ports. Using the VLAN options you can select VLAN tags. To learn more, see Configure VLAN Tagging on a Distributed Port Group or Distributed Port
Читайте также: