- Identify VMware NIC Teaming policies
- Identify common network protocols
Skills and Abilities
- Understand the NIC Teaming failover types and related physical network settings
- Determine and apply Failover settings
- Configure explicit failover to conform with VMware best practices
- Configure port groups to properly isolate network traffic
- ESX Configuration Guide
- ESXi Configuration Guide
- vSphere Command-Line Interface Installation and Scripting Guide
- Product Documentation
- vSphere Client
- vSphere CLI
Understand the NIC Teaming failover types and related physical network settings
A great blog post that goes over this in detail:
Determine and apply Failover settings
Configurable from the NIC teaming tab of the vSwitch
From the ESX(i) server configuration guide:
Load Balancing Settings
- Route based on the originating port ID (Default) – Choose an uplink based on the virtual port where the traffic entered the virtual switch.
- Route based on IP hash – Choose an uplink based on a hash of the source and destination IP addresses of each packet. For non-IP packets, whatever is at those offsets is used to compute the hash.
- Route based on source MAC hash – Choose an uplink based on a hash of the source Ethernet. Use explicit failover order – always use the highest order uplink from the list of Active adapters, which passes failover detection criteria. This is a best practice but is not the default.
- NOTE: IP-based teaming requires that the physical switch be configured with EtherChannel. For all other options, EtherChannel should be disabled.
Network Failover Detection
- Link Status only (Default) – Relies solely on the link status that the network adapter provides. This option detects failures, such as cable pulls and physical switch power failures, but not configuration errors, such as a physical switch port being blocked by spanning tree or that is misconfigured to the wrong VLAN or cable pulls on the other side of a physical switch.
- Beacon Probing – Sends out and listens for beacon probes on all NICs in the team and uses this information, in addition to link status, to determine link failure. This detects many of the failures previously mentioned that are not detected by link status alone. When there are at least three NIC’s, use beacon probing.
- “What is beacon probing?” – VMware KB1005577
- Select Yes or No to notify switches in the case of failover. If you select Yes, whenever a virtual NIC is connected to the vSwitch or whenever that virtual NIC’s traffic would be routed over a different physical NIC in the team because of a failover event, a notification is sent out over the network to update the lookup tables on physical switches. In almost all cases, this process is desirable for the lowest latency of failover occurrences and migrations with vMotion.
- NOTE: Do not use this option when the virtual machines using the port group are using Microsoft Network Load Balancing in unicast mode. No such issue exists with NLB running in multicast mode. Source – VMware KB1556
- Select Yes or No to disable or enable failback.
This option determines how a physical adapter is returned to active duty after recovering from a failure. If failback is set to Yes (default), the adapter is returned to active duty immediately upon recovery, displacing the standby adapter that took over its slot, if any. If failback is set to No, a failed adapter is left inactive even after recovery until another currently active adapter fails, requiring its replacement.
Specify how to distribute the workload for uplinks. If you want to use some uplinks but reserve others for emergencies in case the uplinks in use fail, set this condition by moving them into different groups:
- Active Uplinks – continue to use the uplink when the network adapter connectivity is up and active.
- Standby Uplinks – use this uplink if one of the active adapter’s connectivity is down.
- Unused Uplinks – do not use this uplink.
Configure explicit failover to conform to VMware best practices
Recognizing this is a best practice is probably all that needs to be stated here. To configure explicit failover, just go to the NIC teaming tab of the vSwitch properties to configure this. Set Load balancing to ‘Use explicit failover order’ and configure the appropriate order for NIC’s in your environment.
Configure port groups to properly isolate network traffic
Not much to this section, use VLAN tagging and port groups to isolate network traffic on the same vSwitch. Additionally I may add not to forget to isolate traffic for storage and management, separate from virtual machine traffic. It is recommended to separate out your vMotion traffic and it can be on an isolated and non-routed network segment if needed.