Distributed Port Group and VMkernel Adapter Design for the Management Domain
The design of a distributed port group specifies port configuration options for each member port on a vSphere Distributed Switch. Distributed port groups define how a connection is made to a network.
Port Group Configuration
The port group configuration of the distributed switch for the management domain follows the network configuration for the domain in VMware Cloud Foundation.
Networks Connected to the Management vSphere Distributed Switch
Networks | Port Group Function | Port Binding | Teaming Policy | Active Uplinks | Failover Detection | Notify Switches | Failback |
|---|---|---|---|---|---|---|---|
Management VLAN | Management | Ephemeral Port Binding | Route based on physical NIC load | 1, 2 | Link status only | Yes | Yes |
vSphere vMotion VLAN | vSphere vMotion | Static Port Binding | Route based on physical NIC load | 1, 2 | Link status only | Yes | Yes |
vSAN VLAN | vSAN | Static Port Binding | Route based on physical NIC load | 1, 2 | Link status only | Yes | Yes |
NFS VLAN | NFS (Optional/ Manually created) | Static Port Binding | Route based on physical NIC load | 1, 2 | Link status only | Yes | Yes |
Hot overlay (TEP) VLAN | The host overlay (TEP) traffic is not assigned a distributed port group. It is directly mapped to the switch uplinks. See Overlay Design for the Management Domain. | ||||||
| Edge Uplink01 | ||||||
Edge Uplink02 | |||||||
NIC Teaming
For a predictable level of performance and for high availability, use multiple network adapters in one of the following configurations.
- An active-standby configuration that uses explicit failover when connected to two separate switches.
- An active-active configuration in which two or more physical NICs in the server are assigned the active role.
Decision ID | Design Decision | Design Justification | Design Implication |
|---|---|---|---|
VCF-MGMT-VCS-VDS-003 | Use ephemeral port binding for the management port group. | Using ephemeral port binding provides the option for recovery of the vCenter Server instance that is managing the distributed switch. | Port-level permissions and controls are lost across power cycles, and no historical context is saved. |
VCF-MGMT-VCS-VDS-004 | Use static port binding for all non-management port groups. | Static binding ensures a virtual machine connects to the same port on the vSphere Distributed Switch. This allows for historical data and port level monitoring. | None. |
VCF-MGMT-VCS-VDS-005 | Use the Route based on physical NIC load teaming algorithm for the management port group. | Reduces the complexity of the network design and increases resiliency and performance. | None. |
VCF-MGMT-VCS-VDS-006 | Use the Route based on physical NIC load teaming algorithm for the vSphere vMotion port group. | Reduces the complexity of the network design and increases resiliency and performance. | None. |
VMkernel Network Adapter Configuration
The VMkernel networking layer provides connectivity to hosts and handles the system traffic for management, vSphere vMotion, vSphere HA, vSAN, and others.
VMkernel Adapter Service | Connected Port Group | Activated Services | MTU Size (Bytes) |
|---|---|---|---|
Management | Management Port Group | Management Traffic | 1500 (Default) |
vMotion | vMotion Port Group | vMotion Traffic | 9000 |
vSAN | vSAN Port Group | vSAN | 9000 |
Availability Zones | VMkernel Adapter Service | Connected Port Group | Activated Services | MTU Size (Bytes) |
|---|---|---|---|---|
First availability zone | Management | Management port group for the first availability zone | Management Traffic | 1500 (Default) |
vMotion | vSphere vMotion port group for the first availability zone | vMotion Traffic | 9000 | |
vSAN | vSAN port group for the first availability zone | vSAN | 9000 | |
Second availability zone | Management | Management port group for the second availability zone | Management Traffic | 1500 (Default) |
vMotion | vSphere vMotion port group for the second availability zone | vMotion Traffic | 9000 | |
vSAN | vSAN port group for the second availability zone | vSAN | 9000 |