Configure Port Groups to Properly Isolate Network Traffic

by admin

This will be a short post intended to cover the VCAP-DCA objective around using portgroups to isolate network traffic. This topic overlaps slightly with my previous VCAP post about load balancing and failover policies.

vMotion is a great example of a use case for isolating network traffic using port groups. VMware recommend that vMotion traffic is kept separate from other traffic as, when a vMotion occurs, the contents of the guest OS’s memory is transmitted cross the network.

It is preferable to use a separate physical network, meaning a dedicated vSwitch for this traffic. However, when this is not possible it is acceptable to use an existing vSwitch, but isolate the traffic by creating a new portgroup with appropriate VLAN tag. Whether using physical separation or using VLANs, the network segment used shouldn’t be routable.

There’s more detail about VMware networking best practices here and a look at using PVLANs to isolate traffic here.


Keep up to date with new posts on Buildvirtual.net - Follow us on Twitter:
Be Sociable, Share!

Comments on this entry are closed.

Previous post:

Next post: