Book: Mastering VMware® Infrastructure 3

Virtual Networking Best Practices

The configuration details regarding the virtual networking best practices shown here can be found in Chapter 3.

• Plan the virtual-to-physical networking integration.

• Maximize the number of physical network adapters (Ethernet ports) to provide flexibility in the virtual networking architecture.

• Separate Service Console, iSCSI, NAS, VMotion, and virtual machine traffic across different physical networks, depending on the availability of network adapters, or use a VLAN architecture to segment the traffic.

• Create virtual switches with VLAN IDs to provide security, segmentation, and scalability to the virtual switching architecture.

• Construct a virtual networking security policy for virtual switches, ports, and port groups.

• Create port groups for security, traffic shaping, or VLAN tagging.

• For optimal security, configure the virtual switch properties with the following settings:

  • Promiscuous mode: Reject

  • MAC Address Changes: Reject

  • Forged Transmits: Reject

• Avoid VLAN tags used by common third-party hardware devices, like VLAN0. Virtual switches do not support the native VLAN as physical switches do.

• Define traffic shaping to reduce the outbound bandwidth available either to the virtual machines that do not require full access to the bandwidth of the physical adapter or to the virtual machines that inappropriately monopolize bandwidth. Weigh the options of micro-managing virtual machine bandwidth against the configuration of NIC teams with the installation of additional network adapters.

• Construct NIC teams from physical adapters connected to separate bus architectures. For example, use one onboard network adapter in combination with an adapter from an expansion card. Do not use two adapters from the same expansion card in the same NIC team or two onboard adapters in the same NIC team.

• To eliminate a single point of failure at the physical switch, connect network adapters in a NIC team to separate physical switches that belong to the same broadcast domain.

• Consider creating a NIC team for the Service Console. Otherwise, consider providing multiple vswif ports on different networks for redundant Service Console access.

• Construct a dedicated Gigabit LAN for VMotion. Ideally, all physical network adapters in the server offer gigabit speeds.

• Create separate networks for test and production virtual machines.
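
An added example (not from the book) of auditing the three security settings recommended above: because a port group can override its virtual switch, the check resolves each port group's effective policy before comparing it against Reject. The key names follow the vSphere API's HostNetworkSecurityPolicy fields; the inventory layout, switch and port group names, and sample values are constructed assumptions.

```python
# Added example: constructed inventory, not output from a real host.
# Keys follow the vSphere API HostNetworkSecurityPolicy fields; True = Accept.
LABELS = {"allowPromiscuous": "Promiscuous mode",
          "macChanges": "MAC Address Changes",
          "forgedTransmits": "Forged Transmits"}

REJECT_ALL = {"allowPromiscuous": False, "macChanges": False, "forgedTransmits": False}

SAMPLE_INVENTORY = [  # constructed sample data
    {"name": "vSwitch0",
     "security": {"allowPromiscuous": False, "macChanges": True, "forgedTransmits": True},
     "portgroups": [
         {"name": "Service Console", "security": {}},
         {"name": "VMotion", "security": {"macChanges": False, "forgedTransmits": False}}]},
    {"name": "vSwitch1",
     "security": dict(REJECT_ALL),
     "portgroups": [
         {"name": "Production", "security": {}},
         {"name": "IDS-Sensor", "security": {"allowPromiscuous": True}}]},
]

def effective_policy(vswitch, portgroup):
    """Resolve a port group's policy: its own value wins, missing/None inherits."""
    resolved = {}
    for key in LABELS:
        override = portgroup["security"].get(key)
        resolved[key] = vswitch["security"][key] if override is None else override
    return resolved

def audit(inventory):
    """Return (vswitch, port group or None, setting) for each setting at Accept."""
    findings = []
    for vs in inventory:
        findings += [(vs["name"], None, LABELS[k]) for k in LABELS if vs["security"][k]]
        for pg in vs["portgroups"]:
            policy = effective_policy(vs, pg)
            findings += [(vs["name"], pg["name"], LABELS[k]) for k in LABELS if policy[k]]
    return findings

if __name__ == "__main__":
    for vs, pg, setting in audit(SAMPLE_INVENTORY):
        print(f"{vs} / {pg or '(switch default)'}: {setting} is Accept, expected Reject")
```

In the sample data, vSwitch1 is fully set to Reject yet still produces a finding, because the IDS-Sensor port group overrides promiscuous mode.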
