VMware Distributed Switches (dvSwitch)

In this article I am going to take you through what a distributed switch (dvSwitch) is and how it is used. I will also talk about why backing them up is so important, then show you how to back up by hand and with the help of some PowerShell scripts I have created for you.

What is a distributed switch?

A distributed switch (dvSwitch) is very similar to a standard vSwitch. The main difference is that the switch is managed by vCenter instead of by the individual ESXi hosts. The ESXi/ESX 4.x and ESXi 5.x hosts that belong to a dvSwitch do not need further configuration to be compliant.

Distributed switches provide similar functionality to vSwitches. A dvPortgroup is a set of dvPorts; it is the dvSwitch equivalent of a portgroup, which is a set of ports in a vSwitch. Configuration is inherited from dvSwitch to dvPortgroup, just as from vSwitch to portgroup.

Virtual machines, Service Console interfaces (vswif), and VMKernel interfaces can be connected to dvPortgroups just as they could be connected to portgroups in vSwitches.

This means that if you have 100 ESXi hosts you only need to configure the port groups once and then add the ESXi hosts to the dvSwitch, rather than configuring the networking individually on each host.

How Do You Use a dvSwitch?

Below I have created an example of a two-host cluster using a dvSwitch. The dvSwitch is first configured on vCenter and then hosts are added to it. Adding a host to a dvSwitch then pushes the network configuration to the host.

Once a host is added to the dvSwitch you only need to assign the VMKs and IP addresses for it to begin functioning correctly. If you have migrated from a vSwitch you can migrate the VMKs across, saving additional configuration.

vdSwitch diagram

As you can see from the image, there are a few differences from a standard switch. You now have “dvUplinks”: these are virtual vmnics for the physical network cards that are associated with the same service. For example, management on host A could be vmnic0 whereas on host B it could be vmnic8; without dvUplinks we would not be able to assign the same service to different vmnics on each host.

After you get your head around dvUplinks everything else falls into place; the rest of the dvSwitch is the same as a standard switch (other than features).

VMKs are host-specific due to the requirement for an IP address; these cannot be allocated on a pool basis, which is a shame. You have to add VMKs manually by going to the host network configuration, selecting vSphere Distributed Switch and then selecting Manage Virtual Adapters. This then allows you to add, remove or migrate VMKs to and from specific port groups.

Pros & Cons

There are only a few pros and cons to distributed switches. I have listed all the ones I am aware of below (if you know any more, please leave a comment!):

Pros

  • Private VLANs
  • NetFlow – ability for NetFlow collectors to collect data from the dvSwitch to determine which network devices are talking and what protocols they are using
  • SPAN and LLDP – allows for port mirroring and traffic analysis of network traffic using protocol analyzers
  • Easy to add a new host
  • Easy to add a new port group to all hosts
  • Load Based Teaming, Load Balancing without the IP Hash worry.

Cons

  • If vCenter fails there is no way to manage your dvSwitch
  • Requires an Enterprise Plus License

Different Features

These features are available with both types of virtual switches:

  • Can forward L2 frames
  • Can segment traffic into VLANs
  • Can use and understand 802.1q VLAN encapsulation
  • Can have more than one uplink (NIC Teaming)
  • Can have traffic shaping for the outbound (TX) traffic

These features are available only with a Distributed Switch:

  • Can shape inbound (RX) traffic
  • Has a central unified management interface through vCenter Server
  • Supports Private VLANs (PVLANs)
  • Provides potential customization of Data and Control Planes

vSphere 5.x provides these improvements to Distributed Switch functionality:

  • Increased visibility of inter-virtual machine traffic through NetFlow
  • Improved monitoring through port mirroring (dvMirror)
  • Support for LLDP (Link Layer Discovery Protocol), a vendor-neutral protocol.
  • The enhanced link aggregation feature provides choice in hashing algorithms and also increases the limit on number of link aggregation groups
  • Additional port security is enabled through traffic filtering support.
  • Improved single-root I/O virtualization (SR-IOV) support and 40GB NIC support.

Automated dvSwitch Backup Script

Below is a script that I have written that allows automated backups of your dvSwitches.

Get-dvSwitchBackup

I have also got many other scripts available for use here on my GitHub.
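
One way to automate such a backup with PowerCLI, shown as an added example (this is not the author's Get-dvSwitchBackup script). It assumes PowerCLI is installed and a `Connect-VIServer` session is already open; `$BackupRoot` and `$KeepDays` are hypothetical values.

```powershell
# Added example, not the author's Get-dvSwitchBackup script.
# Assumes VMware PowerCLI is installed and Connect-VIServer has already been run.
#Requires -Modules VMware.VimAutomation.Vds

param(
    [string]$BackupRoot = 'C:\Backups\dvSwitch',   # hypothetical path
    [int]$KeepDays = 30                            # hypothetical retention window
)

$ErrorActionPreference = 'Stop'
$stamp  = Get-Date -Format 'yyyyMMdd-HHmmss'
$target = Join-Path $BackupRoot $stamp
New-Item -ItemType Directory -Path $target -Force | Out-Null

$manifest = foreach ($vds in Get-VDSwitch) {
    # Replace characters that are not safe in file names
    $safeName = $vds.Name -replace '[^\w\.-]', '_'
    $file = Join-Path $target "$safeName.zip"

    # Export-VDSwitch includes the dvPortgroups unless -WithoutPortGroups is given
    Export-VDSwitch -VDSwitch $vds -Destination $file -Description "Backup $stamp" | Out-Null

    $item = Get-Item $file
    if ($item.Length -eq 0) { throw "Export of '$($vds.Name)' produced an empty file" }

    [pscustomobject]@{
        Switch  = $vds.Name
        Version = $vds.Version
        File    = $item.Name
        Bytes   = $item.Length
        SHA256  = (Get-FileHash -Path $file -Algorithm SHA256).Hash
    }
}
if (-not $manifest) { throw 'No distributed switches found on the connected vCenter' }

# The manifest lets you confirm later that an archive was not altered or truncated
$manifest | Export-Csv -Path (Join-Path $target 'manifest.csv') -NoTypeInformation

# Prune backup folders older than the retention window
$cutoff = (Get-Date).AddDays(-$KeepDays)
Get-ChildItem -Path $BackupRoot -Directory |
    Where-Object { $_.CreationTime -lt $cutoff } |
    Remove-Item -Recurse -Force

$manifest | Format-Table -AutoSize
```

An exported archive can be restored with `New-VDSwitch -BackupPath`; store the backups somewhere that does not depend on the vCenter being backed up.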

Final Thoughts

vSphere Distributed Virtual Switches are definitely the correct choice for companies that have the license. Is it worth buying the licensing just for dvSwitch? I wouldn’t say so unless you require one of the specific features only dvSwitch supports. When your environment starts to grow I would say they are vital to saving time deploying hosts and re-configuring networks. I would recommend that you only use one or the other and don’t use a hybrid configuration; in hybrid mode you are adding more configuration for your team and also added complexity that is not required. As long as you always have a backup of your dvSwitch you will not have any issues with loss of configuration.

If you have anything to add please comment below, all feedback is appreciated.

This post is licensed under CC BY 4.0 by the author.