vSphere 5 Distributed Switch: Greater Visibility into Virtualization
By Lisa Gecko
vSphere 5 includes significant new features and functionality across the VMware virtualization platform. One core component that was upgraded is the vSphere Distributed Switch (vDS). The vDS is a virtual switch whose configuration is managed centrally in vCenter and pushed to every ESXi host that participates in it, as opposed to the standard vSwitch, which is configured separately on each host. The benefit to cloud hosting companies is considerable: network configuration for a cluster of hosts can be managed from a single location, which reduces operational configuration time, per-host scripting, and the configuration drift that comes with maintaining the same port groups by hand on many hosts.
vDS provides connectivity for virtual machines running on VMware ESXi hosts, both to each other and to the external physical infrastructure. Because the switch sits in the data path of every virtual machine, it gives cloud hosting providers visibility into the traffic flowing within the virtual infrastructure, including traffic between two virtual machines on the same host that never reaches a physical switch, and supports the monitoring and troubleshooting of network issues.
While each new feature included with vDS is valuable, NetFlow is perhaps the most useful. NetFlow only had experimental support until the vSphere 5 upgrade; now it is fully integrated into vDS and officially supported. The vDS exports flow records (source and destination address, ports, protocol, packet and byte counts) to an external NetFlow collector, which gives cloud hosting administrators the ability to monitor virtual machine network communications in order to assist with intrusion detection, network profiling, compliance monitoring, and general network forensics. By enabling NetFlow on a vDS, the state of a virtual network environment can be determined quickly, and essential information for cloud hosting business decisions can be provided. Feature enhancements and standards support are always welcome in an upgrade, but tools like NetFlow are even better because they can be put to use immediately in virtual networks and thus show explicit value and return on investment.
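To make the value of vDS NetFlow concrete, here is an added example (not code from the original article or from VMware) of what a collector does with the records it receives. The vDS exports NetFlow version 5, whose header and 48-byte record layout are fixed, so a small parser is enough to turn an export datagram into flow objects and run a check over them. The check below flags east-west connections between virtual machines on lateral-movement ports (SSH, RDP, SMB); the tenant subnet, the port list and the datagram itself are constructed for the example, and a real deployment would read datagrams from a UDP socket bound to the collector port configured on the vDS.

```python
import ipaddress
import struct
from dataclasses import dataclass
from typing import List, Sequence, Tuple

# NetFlow v5 wire format: 24-byte header followed by `count` 48-byte records.
V5_HEADER = struct.Struct("!HHIIIIBBH")
V5_RECORD = struct.Struct("!4s4s4sHHIIIIHHBBBBHHBBH")

# Assumptions for this example: the tenant VM network and the ports whose
# use between VMs should be reviewed. Adjust to the hosted environment.
VM_NETWORK = ipaddress.IPv4Network("10.20.0.0/16")
LATERAL_PORTS = {22, 3389, 445}
TCP = 6


@dataclass
class Flow:
    src: str
    dst: str
    sport: int
    dport: int
    proto: int
    packets: int
    octets: int
    tcp_flags: int


def parse_netflow_v5(datagram: bytes) -> List[Flow]:
    """Decode one NetFlow v5 export datagram into a list of flows."""
    if len(datagram) < V5_HEADER.size:
        raise ValueError("datagram shorter than a NetFlow v5 header")
    version, count = V5_HEADER.unpack_from(datagram, 0)[:2]
    if version != 5:
        raise ValueError(f"unsupported NetFlow version {version}")
    if len(datagram) < V5_HEADER.size + count * V5_RECORD.size:
        raise ValueError("truncated datagram: fewer records than header claims")
    flows: List[Flow] = []
    offset = V5_HEADER.size
    for _ in range(count):
        (src, dst, _nexthop, _snmp_in, _snmp_out, packets, octets, _first, _last,
         sport, dport, _pad1, tcp_flags, proto, _tos, _src_as, _dst_as,
         _src_mask, _dst_mask, _pad2) = V5_RECORD.unpack_from(datagram, offset)
        flows.append(Flow(str(ipaddress.IPv4Address(src)), str(ipaddress.IPv4Address(dst)),
                          sport, dport, proto, packets, octets, tcp_flags))
        offset += V5_RECORD.size
    return flows


def lateral_movement_flows(flows: Sequence[Flow]) -> List[Flow]:
    """Return TCP flows between two tenant VMs that target a lateral-movement port.

    Traffic leaving the tenant network (to the Internet, to shared services) is
    ignored here; only VM-to-VM traffic, which is invisible to physical-network
    monitoring, is examined.
    """
    flagged = []
    for f in flows:
        src_in = ipaddress.IPv4Address(f.src) in VM_NETWORK
        dst_in = ipaddress.IPv4Address(f.dst) in VM_NETWORK
        if src_in and dst_in and f.proto == TCP and f.dport in LATERAL_PORTS:
            flagged.append(f)
    return flagged


# (src, dst, sport, dport, proto, packets, octets, tcp_flags)
Record = Tuple[str, str, int, int, int, int, int, int]


def build_v5_datagram(records: Sequence[Record]) -> bytes:
    """Build a NetFlow v5 datagram from constructed records (test input only)."""
    header = V5_HEADER.pack(5, len(records), 0, 0, 0, 0, 0, 0, 0)
    body = b"".join(
        V5_RECORD.pack(ipaddress.IPv4Address(s).packed, ipaddress.IPv4Address(d).packed,
                       b"\x00" * 4, 0, 0, pk, oc, 0, 0, sp, dp, 0, fl, pr, 0, 0, 0, 0, 0, 0)
        for (s, d, sp, dp, pr, pk, oc, fl) in records)
    return header + body


# Constructed sample export: two VMs talking HTTPS, the same pair over SSH,
# one VM doing DNS to the Internet, and an SMB connection between two VMs.
SAMPLE_DATAGRAM = build_v5_datagram([
    ("10.20.1.10", "10.20.1.20", 51022, 443, TCP, 120, 98000, 0x1b),
    ("10.20.1.10", "10.20.1.20", 51023, 22, TCP, 40, 6200, 0x1b),
    ("10.20.1.20", "8.8.8.8", 40123, 53, 17, 2, 180, 0),
    ("10.20.1.30", "10.20.1.40", 49500, 445, TCP, 300, 410000, 0x1b),
])

if __name__ == "__main__":
    for f in lateral_movement_flows(parse_netflow_v5(SAMPLE_DATAGRAM)):
        print(f"review: {f.src}:{f.sport} -> {f.dst}:{f.dport} ({f.octets} bytes)")
```

The two flagged flows (SSH and SMB between tenant VMs) are exactly the kind of traffic a physical-network sensor never sees when both VMs share a host, which is the point of exporting NetFlow from the vDS rather than from the top-of-rack switch.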
Another powerful feature included with vDS is the ability to create user-defined network resource pools. This lets cloud computing networks group traffic beyond the standard system traffic types and assign each group its own shares, limit, and IEEE 802.1p priority tag. For example, two user-defined resource pools can be configured and assigned to two independent port groups, with virtual machines connected to the port group for their pool; the shares are then set so that, when the physical uplink is congested, one pool receives a larger guaranteed portion of the bandwidth than the other, while the limit caps what a pool may consume even when bandwidth is free. Using this feature, cloud computing customers deploying critical applications on virtual infrastructure can reserve network resources for business-critical application traffic and back SLA guarantees, and cloud hosting companies can define and provision traffic resources according to each client's needs.
Beyond user-defined traffic types, vDS can be configured for the system traffic types as well (virtual machine, vMotion, management, iSCSI, NFS, and Fault Tolerance logging traffic, among others). After selecting a traffic type, its QoS priority tag can be set, so that priority of service is applied automatically and consistently across multiple cloud computing networks and user types.
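The interaction of shares and limits under contention is easier to reason about with numbers than with prose. The following is an added example, not code from the article or from VMware, of a simplified share-based allocator: each active pool receives bandwidth in proportion to its shares, a pool never receives more than the lower of its limit and its actual demand, and bandwidth a capped pool cannot use is redistributed to the remaining pools by their shares. The pool names, share values, limits, demands and the 10 Gbps uplink are all constructed for the illustration; the goal is to show why a capped "backup" pool cannot starve a "critical-app" pool, not to reproduce the exact scheduler inside ESXi.

```python
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass
class Pool:
    shares: int                        # relative weight used only under contention
    demand_mbps: float                 # what the pool is currently trying to send
    limit_mbps: Optional[float] = None # hard cap per host, None = unlimited


def allocate(pools: Dict[str, Pool], capacity_mbps: float) -> Dict[str, float]:
    """Share-proportional allocation with per-pool caps (simplified NIOC-style model).

    Iteratively hand each active pool its share-proportional slice; any pool whose
    slice exceeds its cap (min(limit, demand)) is fixed at the cap and removed, and
    the freed bandwidth is re-split among the pools that are still uncapped.
    """
    allocation: Dict[str, float] = {}
    remaining = {name: p for name, p in pools.items() if p.demand_mbps > 0}
    budget = float(capacity_mbps)
    while remaining:
        total_shares = sum(p.shares for p in remaining.values())
        capped = {}
        for name, p in remaining.items():
            fair_share = budget * p.shares / total_shares
            cap = p.demand_mbps if p.limit_mbps is None else min(p.limit_mbps, p.demand_mbps)
            if fair_share >= cap:
                capped[name] = cap
        if not capped:
            # Nobody is constrained by a cap: the remaining budget splits by shares.
            for name, p in remaining.items():
                allocation[name] = budget * p.shares / total_shares
            break
        for name, cap in capped.items():
            allocation[name] = cap
            budget -= cap
            del remaining[name]
    for name in pools:
        allocation.setdefault(name, 0.0)
    return allocation


# Constructed scenario: a 10 Gbps uplink, a critical application pool with high
# shares, a batch pool with normal shares, and a backup pool that is both
# low-share and hard-limited to 1 Gbps.
SAMPLE_POOLS = {
    "critical-app": Pool(shares=100, demand_mbps=8000),
    "batch":        Pool(shares=50,  demand_mbps=4000),
    "backup":       Pool(shares=25,  demand_mbps=5000, limit_mbps=1000),
}
UPLINK_MBPS = 10_000


def contended_allocation() -> Dict[str, float]:
    """All three pools want more than the uplink offers: shares and limits decide."""
    return allocate(SAMPLE_POOLS, UPLINK_MBPS)


def uncontended_allocation() -> Dict[str, float]:
    """Demand fits in the uplink: shares are irrelevant, each pool gets its demand."""
    quiet = {
        "critical-app": Pool(shares=100, demand_mbps=2000),
        "batch":        Pool(shares=50,  demand_mbps=1000),
        "backup":       Pool(shares=25,  demand_mbps=500, limit_mbps=1000),
    }
    return allocate(quiet, UPLINK_MBPS)


if __name__ == "__main__":
    for name, mbps in contended_allocation().items():
        print(f"{name:13s} {mbps:8.1f} Mbps")
```

Under contention the backup pool is pinned at its 1000 Mbps limit, and the 9000 Mbps it cannot use is split 2:1 between critical-app (6000 Mbps) and batch (3000 Mbps) according to their shares; without contention every pool simply gets what it asks for, which is why shares alone do not throttle a pool on a quiet link and a limit is needed when a hard ceiling is part of the SLA.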
Additional vDS and ESXi 5 features that benefit cloud hosting companies include: a new stateless, service-oriented firewall built into ESXi for the management interface; Network I/O Control improvements, including user-defined network resource pools and 802.1p priority tagging; support for the LLDP standard for network discovery, in addition to the existing CDP support; port mirroring for advanced network troubleshooting or analysis, which lets an IDS or packet capture tool see a virtual machine's traffic without touching the physical network; and the ability to configure NetFlow for visibility into inter-VM communication.