This will be a short post intended to cover the VCAP-DCA objective around using portgroups to isolate network traffic. This topic overlaps slightly with my previous VCAP post about load balancing and failover policies.
vMotion is a great example of a use case for isolating network traffic using port groups. VMware recommend that vMotion traffic is kept separate from other traffic as, when a vMotion occurs, the contents of the guest OS’s memory is transmitted cross the network.
It is preferable to use a separate physical network, meaning a dedicated vSwitch for this traffic. However, when this is not possible it is acceptable to use an existing vSwitch, but isolate the traffic by creating a new portgroup with appropriate VLAN tag. Whether using physical separation or using VLANs, the network segment used shouldn’t be routable.
There’s more detail about VMware networking best practices here and a look at using PVLANs to isolate traffic here.