kentoh - Fotolia
To understand basic vSphere network design, you must first understand the fundamental principles of vSphere networking and the differences between vSphere and physical networks. You must also know how to address and troubleshoot the specific common problems that networking on vSphere presents.
Redundancy, isolation and consistency form the foundation of networking on a vSphere cluster.
You can use affordable 10 GbE network interface cards (NICs) and switches to simplify your vSphere network design. Just two 10 GbE NICs with virtual LAN (VLAN) trunks can provide a high bandwidth and redundant physical layer for all vSphere networking.
Once you have a foundation, you can consider performance and environment needs that require more detailed design.
The basics of vSphere networking
All networking on vSphere goes through virtual switches. Virtual switches are modeled after physical Ethernet switches. Physical network adapters such as NICs in vSphere hosts connect these virtual switches to the physical switches with which they correspond.
VMs and vSphere hosts connect to port-groups on the virtual switches. A port-group represents a set of policies, some inherited from the virtual switch and others specific to the port-group. One of the port-group policies is a VLAN ID.
Most organizations use VLANs to separate different IP subnets -- such as management, storage, vMotion or various VM applications -- that carry different types of network traffic. VLAN trunking, a common practice in vSphere, enables the same physical network adapter to carry multiple isolated networks.
Redundancy is critical
Every virtual switch should have at least two NICs linking it to a physical switch. That way, no function is lost if a single network cable fails.
Although two network adapters are the minimum, you can choose to use more NICs to provide more bandwidth for a virtual switch. However, the rise of 10 GbE NICs means you won't need multiple physical adapters as much. Just two 10 GbE adapters can do the work of four or five 1 GbE adapters. Make sure each virtual switch uses only a single NIC model and link speed to ensure reliability and consistency.
High-availability (HA) cluster networking also requires redundancy. Clusters use heartbeats to monitor the health of cluster members. You should have multiple heartbeat networks to make sure a management network failure doesn't cause a HA heartbeat failure.
Isolate network traffic
You should isolate different types of vSphere network traffic for the sake of security and performance. Usually, the separation in the physical network dictates the level of isolation your virtual network requires. For example, if all your networks reside on VLANs on a single switch stack, then you can pass all of those networks over VLAN trunks into one virtual switch. If you have networks on separate physical switches, then you must separate your physical network adapters and virtual switches.
Most admins use a hybrid configuration with some VLAN trunks and some physical isolation. You can use physical servers with 1 GbE NICs on the motherboard and no VLANs for management purposes. You can use a separate virtual switch with 10 GbE NICs and VLAN trunks for other network functions.
You can also use VMware NSX to achieve network isolation. NSX provides a richer software-defined networking experience than standard vSphere networking, but comes at an additional cost.
Ensure consistent configuration
Every host in a vSphere cluster must have the same network configuration. Consistent network configuration ensures vSphere cluster operations run properly. VMotion requires consistent VM configuration between source and destination hosts to complete a migration. VSphere HA necessitates consistent heartbeat networks for cluster operations and consistent VM networks for failover.
The vSphere distributed switch makes this easy. With it, you can set up one switch definition and attach it to multiple vSphere hosts. Distributed switches enable you to centrally configure and continuously update switch configuration on vSphere hosts.
However, not all vSphere licenses include distributed switches. Many environments still use the older vSphere standard switch. You must configure standard switches independently for each vSphere host. You can use PowerShell to set up consistent standard switches on vSphere hosts, but these only remain consistent until you make an update. When you make changes to a standard switch, remember to apply the same changes to all hosts in your cluster.