The logical entity termed as virtual switch is the fabric of logical switching by which the switch is followed as device of layer-2 network. Functions similar to the regular network switch are ensured by virtual switch with certain functionalities of advanced level which not present in physical switch. Some of these are:
- The transit traffic MAC addresses are not learnt by virtual switch from external network.
- It does not take part in spanning tree protocol.
Network loop cannot be created by Virtual switch for connection to the redundant network.
Forms of virtual switches:
The vSwitches of VMware are divided into two categories:
- Distributed Virtual switches.
- Standard Virtual switches.
1) Standard virtual switch is the one whose configuration is possible on single host ESXi. There are 120 ports in this vSwitch by default and per ESXI host, highest number of ports is 4096. Features of standard vSwitch are:
- Link discovery: This feature make use of CDP (Cisco discovery protocol) for sending and gathering information regarding the switch ports that are connected. This can further be used for the purpose of troubleshooting of network.
- It is possible to set the policies of security using the security settings:
All traffic is listened by guest virtual adapter when the option of promiscuous mode is turned on. It does not remain limited just to the traffic on own MAC address of the adapter It is also possible to disallow or allow to change virtual network adapter of VM’s MAC address with the option of MAC address changes.
Output frames transfer having varied MAC addresses could be blocked or permitted instead of one kept set for VM adapter with the help of option of forged transmits.
- NIC teaming: union of two or additional network adapters could be done in a team and same could be uplinked to virtual switch. This offers passive failover and enhances bandwidth in case when one of the either teamed adapter went down. An algorithm could be specified in the team for distribution of traffic among NICs with the help of settings of Load Balancing. Network adapters could be moved in list in up or down position for setting failover order. In case of failure of active adapter, the adapter on standby becomes active.
- Traffic shaping: for every virtual network adapter with which the vSwitch is connected, it helps in limiting the outbound traffic bandwidth. Limits could be set for burst size (KB), peak bandwidth (Kb/s) and average bandwidth (Kb/s)
- The policies of port group like NIC teaming, security and traffic shaping are inherited by default from policies of vSwitch. Overriding these policies is possible with their manual configuration for port groups.
2) Distributed vSwitch (dvSwitch) is the one including features of standard vSwitch while giving an interface for centralized administration. Configuration of dvSwitches is only possible in server of vCenter. The settings of dvSwitch are same after configuration within datacenter on all definite ESXi hosts. This helps in facilitating large virtual infrastructures management that prevents the requirement of manually setting the standard vSwitches on each of the ESXi host.
The virtual switch ports and network states are kept by VMs after migration among ESXi hosts while a dvSwitch is used by them. On each dvSwitch, the maximum possible ports amount is 60,000. ESXI host’s physical network adapters are used by dvSwitch on which reside the virtual machines for establishing their link with external network. Proxy switches are created by VMware dvSwitch on every ESXi host for similar settings representation.
Related – Physical Switch vs Virtual Switch
Following are the advantages offered by virtual switches:
- They allows separating the networks with routers and VLANs so that access could be restricted as desired from one network to the other.
- Security is improved.
- The network management becomes flexible with the help of virtual switches.
- The deployment and migration of VMs is easier.
- The requirement is for fewer adapters of hardware network for the connection of redundant network.
Virtual switches therefore allows several things including VM groups network connection management, security improvement, monitoring, and making easier administration for virtual environments of VMware vSphere. In comparison to the standard virtual switch, more features are there in the distributed virtual switch. This is the reason why it is preferred for virtual infrastructure that is larger and has more ESXi hosts.
Related – VMware Interview Q&A