What vSphere's latest features mean for VMware vDS

What new or additional features do vSphere 5 and 6 bring to vSphere Distributed Switches?

VMware's virtual switch platforms offer a wide range of features and functionality. For example, every vSphere Standard Switch and vSphere Distributed Switch (vDS) can forward L2 frames, segment traffic into virtual LANs (VLAN), use 802.1Q VLAN encapsulation, shape outbound network traffic and handle Network Interface Card (NIC) teaming. But only VMware vDS instances can shape inbound network traffic, support private VLANs, and centralize management through vCenter Server. However, vDS has been around for several years now, and later versions of vSphere have added more features and functionality to vDS.

For example, vSphere 5.x added support for port mirroring, allowing a network switch to send a copy of traffic on one switch port to another switch port. This can occur between VMs on the same ESXi host, VMs on different hosts, from a VLAN to a port, from a port to a destination IP or from a port to a destination link. In most cases, the mirrored port is connected to a network monitoring device and assists in troubleshooting network issues within the virtual network.

NetFlow collects IP traffic information for analysis. Traffic can be collected between VMs on the same host, VMs between different hosts and VMs to parts of the physical network infrastructure. The traffic information can be analyzed for compliance, intrusion detection and other interactions within the virtual network.

The addition of link layer discovery protocol (LLDP) in vSphere 5.x vDS provides detailed information about network devices, including device IDs, software versions, timeout configurations and so on. LLDP is a vendor-neutral protocol, while Cisco Discovery Protocol is proprietary.

Enhanced link aggregation control protocol support allows ESXi hosts to connect to physical switches using dynamic link aggregation -- combining the physical NIC bandwidth and improving network redundancy and load balancing for each port group. Port security is bolstered through traffic filtering, and enhancements to single-root I/O virtualization allow for better Peripheral Component Interconnect Express device sharing -- such as splitting one physical NIC into multiple virtual NICs -- and NIC bandwidth is increased to 40 GB.

VSphere 6.x brings even more improvements to VMware vDS capabilities. For example, network I/O control features allow for vDS quality of service and bandwidth reservations on a per-VM basis. This works by dividing vDS traffic into types such as vMotion, VSAN, iSCSI, management, NFS, fault tolerance, custom traffic and so on. So VMs can receive guaranteed network bandwidth and also enforce bandwidth limitations.

Other features like multicast snooping can improve performance and scalability with multicast traffic types. For example, Internet Group Management Protocol snooping listens to traffic between hosts and routers, mapping the links that handle IP multicast streams. VMotion traffic -- often a bandwidth hog -- can benefit from a dedicated TCP/IP network stack that includes simpler IP address management and a dedicated gateway for vMotion traffic.

Given the importance of virtualization in the network layer with technologies like software-defined networking, it's important to watch for more improvements and features to VMware vDS in future versions of vSphere.