Virtual network switches in the VMware admin's world: Pros and cons

Virtual switches connect VMs to the physical network. Virtual switches differ from physical switches, putting them in the VMware admin's control.

Virtual switches can be baffling for VMware admins new to networking in a virtualized environment. Understanding...

how virtual switches are used on hosts and how they relate to physical switches in the physical network will help you better understand and manage networking.

A virtual switch (vSwitch) interfaces virtual machines (VMs) to VMware Workstation, ESXi and other virtualization hosts. Virtual switches regulate access to the limited number of physical network cards for the unlimited VMs in the network. Every virtualization host has at least one virtual switch to regulate traffic to the physical network.

While a virtual network switch is similar to a physical network switch, it doesn't provide the same features as many modern physical switches do. Virtual switches lack some advanced management options, and you cannot use Telnet to access a virtual switch to change its configuration. Also, there is no advanced virtual switch command-line interface, where you can use different commands to direct its operation.

ALT: Virtual switch integration for networking.

Figure 1. Schematic overview of virtual switch integration in the host OS.

Virtual switches do operate at the data link layer of the Open Systems Interconnection (OSI) model and read the Media Access Control (MAC) address of incoming frames, much like a physical switch does. The virtual switch compares the destination MAC address in each frame to the switch table, then makes a switching decision. Virtual switches allow you to tag ports with a VLAN, use features like 802.11Q trunks and establish port channels. These features help integrate virtual switches in a network of physical switches.

Switch connectivity is important; virtual switches cannot be connected to physical switches. This eliminates advanced switching configurations based on protocols for switches to exchange information about different features. Therefore, virtual switches do not support spanning tree protocol (STP), which can be considered a real benefit.

In STP, switches exchange status information. If they are incorrectly configured, a switching loop can occur, bringing down network traffic on the entire switching infrastructure. Virtual switches also do not support other dynamic negotiation protocols, such as Cisco Systems' Dynamic Trunking Protocol or Port Aggregation Protocol. Avoiding these protocols makes managing virtual switches relatively easy for the VMware administrator without the help of the network administrator.

If you're accustomed to physical switches, you'll find some features you normally manage work almost automatically on virtual switches. Virtual switches don't need to learn MAC addresses from the network; they recognize the MAC addresses of connected VMs and put them in the MAC address table. No uplinks are used between virtual switches or between virtual and physical switches. Because of this, there is no switching topology, and therefore no need for STP.

Virtual switches connect VMs to one another and to the physical network. While they provide basic switching functionality, virtual switches are significantly different than physical switches. This puts virtual switch management under the control of the VMware administrator.

Dig Deeper on VMware and networking