Skip to Content

#VCAPorBUST Objective 2 – Implement and Manage Networking

The second objective of the VCAP-DCA exam is Networking.  Nothing all that new here for me, though this is the first time I’ve used Network I/O control.  Here’s a breakdown of some of the topics in the objective.

vSS (standard switches), are, as their name describes fairly standard.  They need to be configured individually on each and every host.  I used standard switches in my pervious environment, and had their configuration scripted.  One thing I noticed when building a host in my lab is that when you’re using PowerCLI to configure switches and trying to add a NIC, you need to specify all NICs in the switch, not just the one you are adding.  For example

$vswitch0 = GetVirtualSwitch -VMhost host3.lab.local -Name vSwitch0
Set-VirtualSwitch -VirtualSwtich $vswitch0 -Nic vmnic0,vmnic1

If I needed to create a switch, I would be using New-VirtualSwitch instead of Get-VirtualSwitch

New-VirtualSwitch host3.lab.local -Name vSwitch1 -Nic vmnic1,vmnic3

Now, let’s talk about scale.  vSS are well and good, but they can be a pain for example you need to change a setting on all of them throughout your environment (okay, they aren’t that bad to handle any more, there’s always PowerCLI and Host Profiles, but still).  That brings us to vDS (distributed switches).  While vSS were configured on the host level, vDS are created at the data center level and have uplinks from multiple hosts.  Once you create the vDS, you add hosts and their vmnics to the switch.  Pretty straight forward actually.  By using a vDS you get great features like Network I/O Control, and Private VLANs.

Network I/O Control is a lot like setting up shares for CPU or Memory on VMs, and you can also set throughput limits in Mbps.

Screen Shot 2014-07-07 at 7.48.41 PM

Private VLANs are basically a VLAN in a VLAN or VLANCEPTION!  Chris Wahl has an excellent post going into a little more detail.  There are two types of secondary PVLANs, community (which can talk to other community PVLANs), and isolated, which are, well isolated and can only talk to the main promiscuous PVLAN.

Here’s something interesting to note.  In the realm of Load Balancing, vSphere Standard Switches (vSS) and vSphere Distributed Switches (vDS) have slightly different options.  With a vDS you have all of the available options as a vSS, with the addition of Route based on physical NIC load.  Remember, to use a vDS you must have VMware vSphere Enterprise Plus licensing.  You can see the different options below.

Screen Shot 2014-07-07 at 8.00.42 PM

 Screen Shot 2014-07-07 at 7.59.37 PM

Here’s a post from VMware Arena that goes into more detail on the different Load Balancing policies.  If you aren’t familiar with vDS, this site has a great writeup!

There you have it, a brief introduction to vSphere Networking for the VCAP-DCA exam.  If you are looking to learn more, be sure to take a read through these articles:

The Simple Guide to NIC Teaming in VMware vSphere

Introduction to NIC Teaming in VMware vSphere 6.5 Networking




Sunday 13th of July 2014

Helpful hint, here's a sample pvlan question that was fashioned after the DCA test track


Sunday 13th of July 2014

For Load Balancing also need to remember route based on ip hash requires ether channel to be created on the physical switch and no beacon probing is allowed. Thats an important requirement for this load balancing policy.