- Key Concepts
- Introduction
- The vSphere Standard Switch
- vSwitch Properties
- Security
- Discovery
- Traffic Shaping
- NIC Teaming
- Hierarchy Overrides
- VMkernel Ports
- VM Port Groups
- Summary
The vSphere Standard Switch
The goal of VMware’s Standard Switch is to allow network traffic to flow in any scenario. This could mean that the ESXi host is not connected to a vCenter server at all, which is typically referred to as a “standalone” or “vSphere Hypervisor” install of vSphere. In this case, there’s no higher level of management than the host itself, so the standard level switch needs to be able to function with nothing more than the host telling it what to do.
Plane English
Before getting too far into how the Standard Switch works, we need to introduce a bit of terminology. When describing switch functions, we often use the terms “control plane” and “data plane.” Control plane traffic and functions can best be thought of as traffic to the switch, and data plane traffic is traffic through the switch. Management, monitoring, and configuration traffic concerning the switch is control plane traffic. Frames passing from a virtual machine (VM) out to the rest of the world would be data plane traffic.
In your typical physical, top-of-rack style switch, control and data planes live within the same piece of equipment. With virtual switches, these functions can be separated.
Control Plane
The control plane of a standard vSwitch resides on the VMware host. That is, any manipulation of the vSwitch configuration, number of ports, and the way that traffic is moved around are all part of the host’s responsibilities. More specifically, it’s the job of the hypervisor kernel (called the VMkernel) to make sure that the vSwitch is configured and operational.
As such, even when you cluster a bunch of VMware hosts together, each host is responsible for its own standard vSwitches. In the case of a vCenter failure, every host’s standard vSwitch would still be configurable by connecting the vSphere client directly to the host.
Data Plane
Every Standard vSwitch on a host is responsible for switching frames, which means that the data plane is a host’s responsibility. As data enters the host NICs, which form the uplinks for a standard vSwitch, the VMkernel makes sure that the frames get to the appropriate destination. Sometimes this means that the traffic gets ignored, especially in the case of external traffic that enters the vSwitch with an unknown destination MAC address.