Re: vSphere 5.5 | DVS | ACL
it is not working as intended. Vmware support already concluded that and filled a PR.With acl's you create an allow rule, with some switching brands everything else is dropped without creating a drop...
View ArticleRe: vSphere 5.5 | DVS | ACL
Perhaps you copied your rules down incorrectly when you shared them? Because you stated that you created this rule: action: droptarffic direction: egressprotocol is anysource ip is anydestination ip is...
View ArticleRe: vSphere 5.5 | DVS | ACL
your overlooking the "no" part in the first drop rule. but lets put it differently.What if i want to disallowe EVERYTHING except icmp to .254 how should i do that.
View ArticleGuest-to-guest communication on the same ESXi host
Dear all, In the vSphere 5.1 release, guest to guest VMCI was removed. So, how does Guest-to-guest communication on the same ESXi host work?I tested tow CentOS 64 with vmxnet3 using iperf, and got...
View ArticleRe: Guest-to-guest communication on the same ESXi host
I tested tow CentOS 64 with vmxnet3 using iperf, and got 25Gbps throughput. This could be inter-process communication within the ESXi host, but not VMCI socket, what does Guest-to-guest communication...
View ArticleNetwork design verification question
Attention VMware networking gurus: I recently was asked to trouble a networking issue at a customer site. Here is what I discovered: - The customer has a single vSwitch which is configured for IP...
View ArticleRe: Network design verification question
With IP hashing (or LACP), you need to have all links as active. This is because the physical switch at the other side of the channel has no information about such configurations and will always try to...
View ArticleRe: Guest-to-guest communication on the same ESXi host
Hi, MKguy Thank you for your reply.So, it is not related to VMCI or some other socket technologies. Best Regards.
View ArticleVDS vs VSS for management and Vmkernel traffic
I know it's been discussed before but every so often it's good to revisit these type of discussions. Please provide a pro vs con type reasoning for your thoughts. For Management traffic VDS vs VSS...
View ArticleRe: VDS vs VSS for management and Vmkernel traffic
At this stage with VMware not doing any new development for the VSS I would say VDS is the way to go for alll networking needs - especially with the coming of virtualized networking -
View ArticleRe: Network design verification question
Thanks for confirming what I suspected simply from a logical view of the setup. I was actually hoping for a deeper dive that would shed light as to why the Port ID config was still working underneath...
View ArticleRe: Network design verification question
I don't think more detailed explanations are going to convince people like this who already fail to understand the basic concept/implications of such configurations. To stick to some hard references:...
View ArticleDMZ environment query
Hi, currently we have an isolated ESXi host hosting our DMZ environment. I'd like to know if it is possible to segregate a DMZ environment within our production 5.1 cluster? Thanks
View ArticleRe: DMZ environment query
Define "segregate". It's certainly a standard function of VMware to utilise different VLANs over a network cable to separate servers at a network layer from each other.
View ArticleRe: DMZ environment query
It's possible to do logical network separation using VLANs and bring the DMZ to your cluster. This way you can leverage the advantages that a cluster brings (HA, DRS, etc.) for your DMZ vm's too....
View ArticleLBT loadbalacing over a Converged Network Adapter
We use Dell blades with a CNA installed. The CNA handles both the FC and Ethernet traffic, and presents a vmhba and vmnic to the ESX host. On the DVS we use LBT (Route based on physical NIC load). I...
View ArticleRe: LBT loadbalacing over a Converged Network Adapter
LBT looks at Ethernet traffic traversing the dvUplink, with the 75% threshold being based on the port speed. LBT does not look at the FC vmhba traffic. It is up to your CNA to either carve up the 10Gb...
View ArticleRe: VDS vs VSS for management and Vmkernel traffic
Your question requires a lot of knowledge around use case, design, licensing, and requirements. There is no easy answer. We cover the topic of Standard vs Distributed switch in detail in our upcoming...
View ArticleRe: Network design verification question
I was actually hoping for a deeper dive that would shed light as to why the Port ID config was still working underneath the aggregated links even though it should be set to IP hash, but I'm happy with...
View ArticleRe: LBT loadbalacing over a Converged Network Adapter
This triggers another question: if the 10 Gb CNA is split up in 6Gb for Ethernet and 4Gb for FC / FCoE, where is 75% threshold based upon? The 6 Gb the CNA handles for Ethernet or the 10 Gb that is...
View Article