VMware Networking Deep Dive
Webinar: 4.83 Instructor: 4.88 Materials: 4.77
Every hypervisor (including VMware ESX/vSphere, Hyper-V and Xen) has to include a networking component to enable virtual machines running on the same server to communicate. VMware developers decided to depart from the established networking architectures and create an innovative virtual switch implementation. The vSwitch behavior can cause interesting network-side integration challenges; to resolve them, you have to understand how VMware networking works (and grasp their proprietary terminology).
Created by Scott Lowe, a renowned virtualization guru, and Ivan Pepelnjak, an internetworking expert, the VMware Networking Deep Dive webinar explains the details of VMware networking, the design and deployment principles, and the benefits and drawbacks of advanced technologies like the vShield series of products, Virtual Security Gateway from Cisco and vCloud Director Networking Infrastructure.
You can also get this recording as part of the Data Center trilogy.
If part of your daily job includes VMware network connectivity, be it on the server or networking side, you simply have to attend this webinar, regardless of whether you’re a network architect or an implementation guru.
To attend this webinar, you should be familiar with the concepts of routing and bridging (if you’re a networking engineer, CCNP-level knowledge is highly recommended) and the fundamentals of server virtualization. Data Center 3.0 webinar is the ideal means of acquiring the prerequisite knowledge.
The VMware Networking Deep Dive is a 2-3 hour technical presentation. You can register for the on-line webinar immediately; we can also organize an on-site event, where the topics of this presentation are combined with in-depth discussion of other Data Center networking topics that apply to your network.
When attending the on-line webinar, you’ll get a PDF copy of the presentation materials immediately after the registration, giving you plenty of time to study the materials and prepare potential questions. The WebEx classroom instructions will be available two days before the event.
After the on-line webinar, you’ll get access to the WebEx recording of the webinar, which you’ll be able to watch as many times as desired.
The webinar will cover the following topics:
- VMware networking refresher;
- Impact of live VM migration (vMotion) on the network infrastructure;
- Network-side VM isolation;
- Virtualized firewalls: vShield Zones/App and Virtual Security Gateway;
- Virtualized network appliances: vShield Edge;
- vCloud Director Networking Infrastructure
VMware Networking Refresher
The refresher section describes VMware networking terminology (vSwitch, dvSwitch, portgroups, physical and virtual Network Interface Cards), the behavior of these elements in a typical vSphere deployment, the redundant connectivity options and the load-balancing considerations. You’ll also learn the differences between VMware’s switch implementation and Nexus 1000V virtual switch from Cisco Systems.
Live VM Migration
VMware’s ability to move live virtual machines between physical servers creates the need for large-scale layer-2 domains in your data center. This section will briefly describe the need for layer-2 connectivity between ESX servers, drawbacks of large-scale VLANs and various methods you can use to control the size of layer-2 domains.
Network-side VM isolation
VMware portgroups can be used to isolate groups of virtual machines. Without the vShield products (described in the next section), VLANs are used to establish network-wide portgroup isolation. However, the use of VLANs in a VMware environment is not as simple as it might seem: you can use External Switch Tagging (EST), Virtual Switch Tagging (VST) or Virtual Guest Tagging (VGT) to apply VLAN tags to data packets.
VMware, Cisco and numerous other vendors offer virtualized firewalls, sometimes as standalone virtual appliances (example: Vyatta), tightly integrated with VMware DVfilter API (vShield) or using a third-party vSwitch/API (Cisco).
This chapter describes the benefits and drawbacks of all three mechanisms and gives you guidelines you can use to select the best mechanism for your environment.
Virtualized Network Appliances
Virtualized networking devices go far beyond firewalls: VMware’s vShield Edge offers basic NAT and load balancing functionality, Vyatta offers a virtual router, and F5 has a virtualized load balancer.
Ease of deployment is the primary benefit of virtualized appliances, but they also have significant drawbacks, including suboptimal performance and traffic flow patterns. This section will give you the insight you need to decide whether the virtualized networking devices meet your needs.
vCloud Director is the management software that should allow you to deploy self-service cloud infrastructure. To reach that goal, it has to allow you to build your own virtual networking infrastructure.
This section describes the networking aspects of vCloud Director, its current limitations and the vCloud Director Networking Infrastructure (vCDNI), a proprietary MAC-in-MAC encapsulation scheme that is supposed to allow your data center to grow beyond the VLAN limits.
Feedback from the attendees
- Really liked that you sum up pros and cons for different solutions in the slides, and also recommend certain solutions. This gives me a nice reference to use afterwards, when talking to upper management and server admins.
I took this course to get arguments for investing in Cisco Nexus1000v, and you helped me out with a lot of great arguments for doing that. Keep up with these great webinars.
- Asbjørn Setekleiv
- I appreciate your detailed explanation. Although virtual server access networking seems to be complicated, this webinar makes clear the design of the networking.
- Yukio Ogawa
- This session clears many things up. Sometimes not exactly easy to catch on, if you consider anything below layer 3 a bit abstract. People from networking side definitely benefit from knowing what's under the hood and if it helps cooperation with server people, even better.
I work for an SP, but we manage customers' LAN devices as part of their outsourcing contracts. As the "cloud" thing goes everywhere now, it stops being traditional Catalyst switches only. (In fact, we have to figure out how to deal with administrative things like provisioning, documenting or billing of virtual switch instances and per-port changes because of all these things going virtual, but that's another story ...)
- Alexandra Stanovska
- On a very few slides if we lose your explanation (e.g. flowing your cursor) it was a bit hard to come back and by just looking at the diagram to understand the flow of data (e.g. slide 65 HP TippingPoint vController). Not a big problem since we are able to go back and review the recording... but maybe some numbered arrows could help out in a quick glance.
- Rodrigo Curado
About the Authors
Scott Lowe, a renowned author of several VMware-focused books and numerous articles, has been working in the IT field for more than 17 years as an instructor, technical trainer, systems administrator, IT manager, systems engineer, consultant, and Chief Technology Officer. He was the technical lead for the virtualization practice at ePlus Technology and currently works for EMC as the CTO for the vSpecialist team, where he specializes in the intersection and integration of VMware, Cisco, and EMC solutions, products, and technologies.
Ivan Pepelnjak (CCIE#1354) has been designing, deploying, operating and troubleshooting IP-based enterprise and service provider networks since 1990. He’s the author of EIGRP and MPLS books published by Cisco Press, numerous articles and highly praised webinars, including Data Center 3.0 for Networking Engineers and Data Center Interconnects.
- Webinar materials in PDF format
- Immediate access to current materials and past recordings
- Live interactive session in a WebEx classroom
- Recording of your WebEx session
- Updates to webinar materials and recordings