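HOST: physical blade server
ESXi: the VMware virtual machine platform; one is installed on each host
uplink: a physical NIC of the physical blade
VMkernel port: the interface ESXi uses for Management (vmk1), vSAN (vmk2), vTEP (vmk3) and Fault Tolerance for the VMs; connected to the vSS/vDS
vNIC: the virtual network interface of a virtual machine (VM); connected to the vSS/vDS
Management Traffic - This interface is mainly used to carry the management network heartbeat when vSphere HA is configured. If it is not checked, vSphere HA has no heartbeat network and the configuration will fail;
vMotion - This interface supports live migration of a virtual machine from ESXi host A to ESXi host B. Without this interface, migration is not possible;
Fault Tolerance - This interface supports virtual machine fault tolerance;
IP Storage - This interface is used to connect to IP storage, including both iSCSI and NFS storage;
By default, all of the options can be checked, but then all traffic shares the same channel, which easily causes mutual interference and in turn makes the corresponding functions fail. In production, it is therefore recommended to create separate VMkernel sub-interfaces so that each service is fully assured of working.
5. In NSX, host preparation introduces a new VMkernel port (vmk3), the vTEP, to carry VXLAN traffic, so a VM's local VLAN traffic is encapsulated with a VXLAN header before it is sent to the uplink.
VMs connect to the DLS rather than being carried upstream directly over a trunk; their traffic goes over VXLAN, and VXLAN is routed to the other vTEPs, forming a VXLAN tunnel.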
The packet flow during an ARP request from the VXLAN to a physical device is as follows:
1. The ARP request from VM1 comes to the ESXi host with the IP address of a host on the physical network
2. The ESXi host does not know the destination MAC address. So the ESXi host contacts NSX Controller to find the destination MAC address
3. The NSX Controller instance is unaware of the MAC address. So the ESXi host sends a broadcast to the VXLAN segment 5001
4. All ESXi hosts on the VXLAN segment receive the broadcast and forward it up to their virtual machines
5. VM2 receives the request because it is a broadcast, but disregards the frame and drops it.
6. The designated instance receives the broadcast
7. The designated instance forwards the broadcast to VLAN 100 on the physical network
8. The physical switch receives the broadcast on the VLAN 100 and forwards it out to all ports on VLAN 100 including the desired destination device.
9. The Physical server responds
The packet flow during the ARP response to the above, from the physical device in the VLAN to the VM in the VXLAN, is as follows:
1. The physical host creates an ARP response for the machine. The source MAC address is the physical host’s MAC and the destination MAC is the virtual machine’s MAC address
2. The physical host puts the frame on the wire
3. The physical switch sends the packet out of the port where the ARP request originated
4. The frame is received by the bridge instance
5. The bridge instance examines the MAC address table, sends the packet to the VNI that contains the virtual machine’s MAC address, and sends the frame. The bridge instance also stores the MAC address of the physical server in the MAC address table
6. The ESXi host receives the frame and stores the MAC address of the physical server in its own local MAC address table.
7. The virtual machine receives the frame
The packet flow from the VM to the physical server / device, after the initial ARP request is resolved, is as follows:
1. The virtual machine sends a packet destined for the physical server
2. The ESXi host locates the destination MAC address in its MAC address table
3. The ESXi host sends the traffic to the bridge instance
4. The bridge instance receives the packet and locates the destination MAC address
5. The bridge instance forwards the packet to the physical network
6. The switch on the physical server receives the traffic and forwards the traffic to the physical host.
7. The physical host receives the traffic.
The packet flow during an ARP request from the physical network (VLAN) to the VM on the VXLAN is as follows:
1. An ARP request is received from the physical server on the VLAN that is destined for a virtual machine on the VXLAN through broadcast
2. The frame is sent to the physical switch where it is forwarded to all ports on VLAN 100
3. The ESXi host receives the frame and passes it up to the bridge instance
4. The bridge instance receives the frame and looks up the destination IP address in its MAC address table
5. Because the bridge instance does not know the destination MAC address, it sends a broadcast on VXLAN 5001 to resolve the MAC address
6. All ESXi hosts on the VXLAN receive the broadcast and forward the frame to their virtual machines
7. VM2 drops the frame, but VM1 sends an ARP response
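The four flows above can be replayed against a small learning-bridge model to see what the bridge instance's MAC address table should hold after each exchange. This is an added example, not VMware code: the BridgeInstance class, the segment labels and the MAC addresses are constructed for illustration, and the model covers only the bridge instance's learn/flood/forward decisions, not the NSX Controller lookup.

```python
# Added illustration: a toy model of the bridge instance described above.
# Segment labels, MAC strings and the class itself are constructed for this example.
VXLAN = "vxlan-5001"
VLAN = "vlan-100"
BROADCAST = "ff:ff:ff:ff:ff:ff"


class BridgeInstance:
    """Bridges one VXLAN segment (VNI 5001) to one VLAN (100)."""

    def __init__(self):
        self.mac_table = {}  # MAC address -> segment it was learned on

    def receive(self, ingress, src_mac, dst_mac):
        """Learn the source MAC, then return (action, egress segment)."""
        self.mac_table[src_mac] = ingress
        other = VLAN if ingress == VXLAN else VXLAN
        if dst_mac == BROADCAST or dst_mac not in self.mac_table:
            return ("flood", other)
        known = self.mac_table[dst_mac]
        if known == ingress:
            return ("drop", None)  # destination sits on the ingress side
        return ("forward", known)


def trace_flows():
    """Replay the four flows from the text with constructed MAC addresses."""
    vm1, server = "00:50:56:00:00:01", "00:1b:21:00:00:aa"
    bridge = BridgeInstance()
    steps = [
        # VM1's ARP request: broadcast on VXLAN 5001, bridged out to VLAN 100
        bridge.receive(VXLAN, vm1, BROADCAST),
        # Physical server's ARP response: unicast to VM1, server MAC is learned
        bridge.receive(VLAN, server, vm1),
        # VM1's packet after ARP resolution: known unicast towards VLAN 100
        bridge.receive(VXLAN, vm1, server),
        # ARP request from the physical server: flooded onto VXLAN 5001
        bridge.receive(VLAN, server, BROADCAST),
    ]
    return steps, bridge.mac_table


if __name__ == "__main__":
    steps, table = trace_flows()
    for step in steps:
        print(step)
    print(table)
```

A MAC address that appears in the table on a segment where it does not belong (for example the physical server's MAC learned on the VXLAN side) is the kind of inconsistency worth checking for when troubleshooting the bridge.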