vSphere Distributed Switch 6.0 –Technical Deep Dive

Jason Nash, SiriusChris Wahl, Rubrik

NET4976

#NET4976

• This presentation may contain product features that are currently under development.

• This overview of new technology represents no commitment from VMware to deliver these features in any generally available product.

• Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind.

• Technical feasibility and market demand will affect final delivery.

• Pricing and packaging for any new technologies or features discussed or presented have not been determined.

Disclaimer

CONFIDENTIAL 2

What You’ve Done with NSX

CONFIDENTIAL 3

NSX Customers700+

Production Deployments(adding 25-50 per quarter)

100+

Organizations invested US$1M+ in NSX

65+

What You’re Doing Next

EXPANDED SECURITY

New security partners, integrations, and projects and applications of NSX.

DEEPER INTEGRATION

New infrastructure and operations partners, integrations, and frameworks for IT organizations

√APPLICATION CONTINUITY

New functionality to scale deployments across vCenter instances, with the ability to:

• Pool resources from multiple data centers• Recover from disasters faster• Deploy a hybrid cloud architecture

• NSX 6.2 contains over 20 new features• Tested against over 1000 new scenarios

vSphere Distributed Switch 6.0A Technical Deep Dive

Jason “Starbucks Cup” Nash

VMware Certified Design Expert (VCDX) #49

Author of many courses on PluralSight

Best streak is 247 straight on the skeet field

Chris “The Sheriff” Wahl

VMware Certified Design Expert (VCDX) #104

Author, Networking for VMware Administrators

Likes big hats

The 2014 Deep Dive

MigrationVSS to VDS

Mixing 1Gb and 10Gb

Hosts

Handling vMotion

Saturation

vSphere Replication Bandwidth

Quality of Service Tagging

Load Based Teaming vs

Link Aggregation

New Hotness in 2015!Granular Network Guarantees• Network I/O Control Version 3.0• Setting guarantees on virtual machines and DPGs

Using Multiple TCP/IP Stacks• Setup a supported Routed vMotion environment• Migrate workloads from one vCenter to another

100% VDS Fueled Data Center• How to protect vCenter Server and other dependencies• Toss out the Standard vSwitch completely

WHAT’S NEWThe vSphere Distributed Switch 6.0

Are You Using thevSphere Distributed Switch

(VDS)?

The Hit List

Network I/O Control (NIOC)

Version 3.0

Multicast (IGMP) Snooping

Multiple TCP/IP Stack for vMotion

What About the Cisco Nexus 1000v?• VMware no longer sells the Nexus 1000v• Nexus 1000v is supported in vSphere 6.0 Requires 5.2(1)SV3(1.4) or Later

• Cisco Nexus 1000v AVS Mode = Not Supported

http://www.vmware.com/products/cisco-nexus-1000V

“The Nexus 1000v … is the market leading 3rd party virtual switch in the industry”

Compared to the IBM 5000V

BUILD AND UPGRADEThe vSphere Distributed Switch 6.0

VDS 4.0We hardly knew thee

Way more helpful details!

Beware!

VDS 5.0 VDS 5.1 VDS 5.5 VDS 5.5 + LACP VDS 6.0 VDS 6.0

+ LACP

VDS 5.1 VDS 5.5 VDS 5.5 + LACP VDS 6.0 VDS 6.0

+ LACP

VDS 5.5 + LACP

VDS 6.0 + LACP

VDS 6.0 + LACP

VDS 5.5

VDS 5.5 + LACP VDS 6.0 VDS 6.0

+ LACP

VDS 6.0

VDS 6.0 + LACP

Network I/O Control Version 3“Learn how to leverage the new NIOC version 3 features found in the VDS 6.0 for building robust multi-tenant configurations”

Tips and Caveats for Reservations

• More guardrails = less fluidity in the data center

• The best designs are simple

• Are you solving a problem?

Traffic Placement Engine• Places VM’s network adapter on optimal NIC• Must be able to meet reservation• Still adheres to teaming policies Active, standby, and unused

• Two control points Distributed Port Group (all VMs attached) Virtual Machine (per VM)

Bandwidth Admission Control• Validation at VM power on Must meet minimum bandwidth to VM’s network adapter Reservation is less than the free quota in the pool

• Changes are validated in real time Violations prevents change from applying

Related FunctionalityvSphere DRS

DRS will migrate when …• Reservation exceeds host

capacity• NIC fails

vSphere HA

HA considers the reservations when powering on a VM

VDS 5.5GUI Layout

VDS 6.0New Fields

75% Maximum Reservation

Assign Reservation to theVirtual Machine System Class

Bandwidth reservation is based on network adapter quantity and speedDo the math!

0.5 Gbps per NICx 6 NICs (2 per server)

= 3.0 Gbps globally

Assign a reservation value (Mbps) to theVirtual Machine System Class

Associate port group(s) with the resource pool(s)

Bask in the amazement!

Multiple TCP/IP Stacks“Gain valuable insight on how to best configure your VDS to take advantage of the new vMotion TCP/IP stack for routed traffic”

Cross vSwitch vMotion• Choose destination network when vMotioning VMs• Can go between

vSS to vSS vSS to vDS vDS to vDS

• Note that vDS to vSS is NOT supported vDS includes metadata that vSS doesn’t support

• Does NOT change IP address

Cross vCenter vMotion• vMotion VMs from one vCenter to

another Must be in same SSO domain

• Supports shared or shared nothing storage configurations

• Even migrates things such as HA settings DRS settings Alarms Events

Other Requirements• Must be on Enterprise Plus licensing!

• vCenter Servers must be in Enhanced Linked Mode

• Make sure you have good time sync of the vCenters

Long Distance vMotion• Can now vMotion across links up to *150ms* of

latency! No more 10ms limit!

• Keep in mind that this can affect VM application performance

Do this in non-peak hours

Protecting vCenter with a VDS“Discover how easy it can be to begin using the vSphere Distributed Switch (VDS) for all workloads, even vCenter and other management dependencies”

Ephemeral BindingPer port group setting

Ephemeral Ports Still Available

Further ReadingChoosing a port binding type in ESX/ESXihttp://kb.vmware.com/kb/1022312

Protecting a Distributed Switch with Ephemeral Bindinghttp://wahlnetwork.com/2015/01/30/vds-ephemeral-binding/

Thank you for attending!

NSX Ecosystem

CONFIDENTIAL 54

Service Insertion“Leverage full automation and

service insertion for NSX”

NSX aware“Leverage NSX API and

metadata to bring a solution”

Co-existence“Let’s meet in the network”

Works with any switching fabric

Works with routing ecosystem using

traditional protocols

Existing Physical firewall provide security sitting in front of NSX Edge at layer 3

Existing Physical/virtual ADC services can connect to NSX at layer 2 or layer 3

Network Virtualization Next Steps with VMware NSX

CONFIDENTIAL 55

virtualizeyournetwork.com

The online resource for the people, teams and organizations that are adopting network virtualization

communities.vmware.com

Connect and engage with network virtualization experts and fellow VMware NSX users

vmware.com/go/NVtraining

Build knowledge and expertise for the next step in your career

labs.hol.vmware.com

Test drive the capabilities of VMware NSX

vSphere Distributed Switch 6.0 –Technical Deep Dive

Jason Nash, SiriusChris Wahl, Rubrik

NET4976

#NET4976