VMwareTV: VMware Application Director – Any App Anywhere

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für VMwareTV: VMware Application Director – Any App Anywhere
Apr 302013
 
http://bit.ly/T562uG Manually installing and configuring application components across multiple cloud destinations is repetitive. Manually installing and con...
From: vmwaretv
Views: 146
4 ratings
Time: 03:15 More in Science & Technology

VMware vSphere Blog: vSphere 5.1 Hardening Guide goes mobile!

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für VMware vSphere Blog: vSphere 5.1 Hardening Guide goes mobile!
Apr 302013
 

Hi,

In order to get a wide audience for this topic, I’ve cross posted this post from the VMware Security and Compliance Blog. Enjoy!

It has been a couple of weeks since the release of the vSphere 5.1 Hardening Guide. Right around that time there was a call for updated content for the VMware Mobile Knowledge Portal app Well, I really wanted to see the updated Hardening Guide available on that  platform. That presented a challenge. For most customers, the format of releasing it as an Excel spreadsheet meets their need but have you looked at a spreadsheet on an iPad? Not a pretty sight.

So, using Microsoft Word’s Mail Merge capability I whipped up a proof of concept and showed it to a couple of folks. When your boss says “That’s awesome!” you know you’re on the right track. After some updating, we came out with a decent template and I’m happy to say that it looks great on my old iPad.

Here’s some examples:

First, a picture of the Mobile Knowledge Portal app itself. You can see a list of all the Hardening Guide content.

Now the Introduction Page that explains what the Hardening Guide contains

Finally, here’s an example of Hardening Guide data reformatted for a tablet. This is useful for browsing through all the guidelines.

ESXi-Config-NTP guideline

If you don’t have the VMKP, get it now for iPad and Android! Here’s some more info about the app and where to get it.

Get it for iPad on iTunes
Get it for Android tablets at Google Play

The VMKP is designed to provide a simple way for VMware customers to view technical collateral around the Datacenter & Cloud Infrastructure and Infrastructure & Operations Management products.
VMKP 2.0 adds the following enhancements over the original version
- Android and iPad support
- Ability to rate collateral
- Ability to provide feedback to VMware on pieces of collateral
- Integration with Facebook and Twitter to let others know what you have been reading on the VMKP
- Mechanism to request additional collateral items

I hope you find this useful. If you have feedback, please send it on!

Thanks,

mike

VMwareTV: VMware IT Business Management

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für VMwareTV: VMware IT Business Management
Apr 302013
 
http://bit.ly/T562uG If your end-users are running around like kids in a candy store making themselves sick on IT self-service from anyone and everyone, mayb...
From: vmwaretv
Views: 112
4 ratings
Time: 02:02 More in Science & Technology

VMwareTV: VMware Cloud Service Provisioning

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für VMwareTV: VMware Cloud Service Provisioning
Apr 302013
 
http://bit.ly/T562uG Self-service banking? Sure. Self-service groceries? Yep (thanks Clarence Saunders!) But multi-cloud, multi-platform, self-service Cloud ...
From: vmwaretv
Views: 232
4 ratings
Time: 02:18 More in Science & Technology

VMwareTV: VMware Cloud Operations Management

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für VMwareTV: VMware Cloud Operations Management
Apr 302013
 
http://bit.ly/T562uG Dynamism -- you don't have to know how to spell it, but your Cloud Management solution better know how to handle it. VMware Cloud Operat...
From: vmwaretv
Views: 167
1 ratings
Time: 02:04 More in Science & Technology

VMwareTV: VMware Cloud Business Management

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für VMwareTV: VMware Cloud Business Management
Apr 302013
 
http://bit.ly/T562uG Stop relying on spreadsheet kung-fu to try and measure or manage IT. VMware Cloud Business Management solutions give you real transparen...
From: vmwaretv
Views: 122
0 ratings
Time: 01:59 More in Science & Technology

VMware Support Insider: VMware vFabric Postgres Cheat-sheet

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für VMware Support Insider: VMware vFabric Postgres Cheat-sheet
Apr 302013
 

Here’s a cool pdf download for you. It’s a cube note (or cheat sheet) that you can use when troubleshooting Postgres issues with VMware vFabric, straight from our awesome team of storage support engineers.

VMware vFabric Postgres Chart
VMware vFabric Postgres Chart

VMware Security Blog: vSphere 5.1 Hardening Guide goes mobile!

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für VMware Security Blog: vSphere 5.1 Hardening Guide goes mobile!
Apr 302013
 

Hi,

It has been a couple of weeks since the release of the vSphere 5.1 Hardening Guide. Right around that time there was a call for updated content for the VMware Mobile Knowledge Portal app Well, I really wanted to see the updated Hardening Guide available on that  platform. That presented a challenge. For most customers, the format of releasing it as an Excel spreadsheet meets their need but have you looked at a spreadsheet on an iPad? Not a pretty sight.

So, using Microsoft Word’s Mail Merge capability I whipped up a proof of concept and showed it to a couple of folks. When your boss says “That’s awesome!” you know you’re on the right track. After some updating, we came out with a decent template and I’m happy to say that it looks great on my old iPad.

Here’s some examples:

First, a picture of the Mobile Knowledge Portal app itself. You can see a list of all the Hardening Guide content.

VMware Mobile Knowledge Portal App

Now the Introduction Page that explains what the Hardening Guide contains

Finally, here’s an example of Hardening Guide data reformatted for a tablet. This is useful for browsing through all the guidelines.

ESXi-Config-NTP guideline

If you don’t have the VMKP, get it now for iPad and Android! Here’s some more info about the app and where to get it.

Get it for iPad on iTunes
Get it for Android tablets at Google Play

The VMKP is designed to provide a simple way for VMware customers to view technical collateral around the Datacenter & Cloud Infrastructure and Infrastructure & Operations Management products.
VMKP 2.0 adds the following enhancements over the original version
- Android and iPad support
- Ability to rate collateral
- Ability to provide feedback to VMware on pieces of collateral
- Integration with Facebook and Twitter to let others know what you have been reading on the VMKP
- Mechanism to request additional collateral items

I hope you find this useful. If you have feedback, please send it on!

Thanks,

mike

vSphere PowerCLI Blog: Joining ESXi hosts to a domain and granting permissions with PowerCLI

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für vSphere PowerCLI Blog: Joining ESXi hosts to a domain and granting permissions with PowerCLI
Apr 302013
 

Recently I was asked by an administrator to help him automate the process of joining ESXi Hosts or as PowerCLI refers to them “VMhosts” to a domain and granting permissions for a domain user with PowerCLI.

In this post I am going to show you how this can be done with a few lines of code and also share my lessons learned throughout this process. Let’s assume that you have list of VMhost IP addresses and all VMhosts have the same local administrator credentials, you want to join them to a domain and grant permissions for a domain user or group account assigning it a specific role. In the script I assume the role exists on the VMHost but later I will show you how to create a custom role.

The Set-VMHostAuthentication cmdlet is used for joining a VMhost to a domain. You should have in mind that the full domain name must be specified on the Domain parameter of the cmdlet.

Get-VMHostAuthentication -VMHost <VMHost>| Set-VMHostAuthentication -Domain <domain fullname> -User <domain user name for authentication> -Password <password for authentication> -JoinDomain -Confirm:$false

The New-VIPermssion cmdlet is used for creating permissions for a specified user. The user is obtained with the Get-VIAccount cmdlet which has the ability to retrieve Domain user or group accounts when the VMHost is joined to a domain. In contrast to Set-VMHostAuthentication the Domain parameter of Get-VIAccount expects the domain alias instead of domain full name.

You should also be aware that if you don’t specify an Id filter to the Get-VIAccount cmdlet it returns the maximum 5000 results and for domains with many accounts this could be a constraint. So it is recommended to use Id filter of the cmdlet itself instead of applying filtering over its results.

To obtain domain user accounts use –User switch.

Get-VIAccount -Domain <domain alias> -User -Id <user name filter>

To obtain domain group accounts use –Group switch.

Get-VIAccount -Domain <domain alias> -Group -Id <group name filter>

To grant permissions you should specify account to Principal parameter returned by the Get-VIAccount cmdlet, role which can be obtained by Get-VIRole or specified by name and entity which in our case will be the VM host.

New-VIPermission -Principal <VIAccount> -Role <VIRole> -Entity <VMHost>

Here is the entire script with a lot of input parameters needed by the used cmdlets in the script but the script itself is not complex:

param (

[Parameter(Mandatory=$true, HelpMessage="List of VM host IPs")]

[ValidateNotNull()]

[string[]]

$vmHostIPs,

[Parameter(Mandatory=$true, HelpMessage="VM Host User Name")]

[ValidateNotNull()]

[string]

$vmHostUserName,

[Parameter(Mandatory=$true, HelpMessage="VM Host Password")]

[ValidateNotNull()]

[string]

$vmHostPassword,

[Parameter(Mandatory=$true,HelpMessage="Domain full name, required for joining hosts.")]

[ValidateNotNull()]

[string]

$domainlFullName,

[Parameter(Mandatory=$true,HelpMessage="Domain alias, required for retrieving domain accounts.")]

[ValidateNotNull()]

[string]

$domainAlias,

[Parameter(Mandatory=$true, HelpMessage="User name for domain authentication")]

[ValidateNotNull()]

[string]

$domainUser,

[Parameter(Mandatory=$true, HelpMessage="Password for domain authentication")]

[ValidateNotNull()]

[string]

$domainPassword,

[Parameter(Mandatory=$true, HelpMessage="Domain user name for which permissions will be granted")]

[ValidateNotNull()]

[string]

$userNameToGrantPermissions,

[Parameter(Mandatory=$true, HelpMessage="The name of the role you will assign to the user")]

[ValidateNotNull()]

[string]

$roleName

)

foreach ($vmHostIPin$vmHostIPs) {

# Establish connection to a VMHost

$vmHostConnection= Connect-VIServer-Server $vmHostIP -User $vmHostUserName -Password $vmHostPassword

try {

# Get VMHost instance

$vmHost= Get-VMHost -Server $vmHostConnection

# Join the VMHost to a domain

Get-VMHostAuthentication -VMHost $vmHost | Set-VMHostAuthentication -Domain $domainlFullName -User $domainUser -Password $domainPassword -JoinDomain -Confirm:$false

# Get a domain account

$viAccount= Get-VIAccount -Domain $domainAlias -User -Id $userNameToGrantPermissions

if (-not $viAccount) {

throw “VIAccount with Id ‘$userNameToGrantPermissions’ not found in domain ‘$domainAlias’”

}

# Get role to assign

$viRole= Get-VIRole -Name $roleName

if (-not $viRole) {

throw “VIRole with name ‘ $viRole’ not found.”

}

# Add permissions on VMHost

New-VIPermission -Principal $viAccount -Role $viRole -Entity $vmHost

} catch {

Write-Error (“The following error has occurred for VMHost ‘$vmHost’: `r`n”+$_)

} finally {

Disconnect-VIServer $vmHostConnection -Confirm:$false

}

}

As you can see the script opens a connection to each VMhost, joins it to the domain and creates permissions for a specific domain account. It relies on the existing role on the VMHost, but it can be easily modified to create a custom role and assign it to the obtained user.

To create a new custom role the New-VIRole cmdlet needs to be used specifying a name and list of privileges on its input. Here is an example:

New-VIRole -Name MyCustomRole -Privilege ‘Anonymous’, ‘View’, ‘Read’, ‘Power On’, ‘Power Off’

The script is calling the Get-VIAccount with a –User switch parameter which filters on domain user accounts. In order to retrieve a domain group account the –Group switch parameter should be used.

So the script looks pretty simple and straightforward but running it I’ve experienced the following problem. Sometimes Get-VIAccount failed to retrieve the domain user immediately after joining the VMhost to the domain and I received the following error “Error accessing directory: Can’t bind to LDAP server for domain: <DOMAIN>”.

It seems that synchronization with active directory needs some time after a host is joined to the domain and the problem is not 100% reproducible. So I solved it with a simple retry-wait mechanism on retrieving domain users.

# Get a domain account

$viAccount=$null

$retryCount= 5

while ((-not$viAccount) -and ($retryCount-ge 0)) {

try {

$viAccount= Get-VIAccount-Domain$domainAlias-User-Id$userNameToGrantPermissions

} catch {

Write-Error “Getting VIAccount with Id ‘$userNameToGrantPermissions’ failed with the following error: `r`n $_”

Write-Host “Next attempt in 5 seconds”

Start-Sleep -Seconds 5

}

$retryCount

}

Conclusion

In conclusion here are the lessons learned from this task:

  1. Get-VIAccount requires to specify the domain alias to Domain parameter
  2. Get-VIAccount limits the results to 5000
  3. Sometimes Get-VIAccount fails to obtain domain users immediately after a VMhost is joined to a domain.

imageThis post was created by Dimitar Milov…

Dimitar joined VMware and PowerCLI team in the beginning of 2011. He is member of the quality engineering part of the team and his main role is the functional verification of the vSphere, vCloud and License PowerCLI components.

As all members of the team he is working to deliver a good and valuable product. He is also working to improve all processes and tools involved in product development and validation.

VMware Consulting Blog: The Proof is in the Impact

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für VMware Consulting Blog: The Proof is in the Impact
Apr 302013
 

Today’s challenging business environment is a convergence of many changes. In this new business paradigm, IT executives are faced with determining how to best direct their staff, how to redesign IT processes, and how to use technology to grow businesses and/or fundamentally shift business models. Anticipating and staying abreast of these challenges requires thought leadership and seamless technical capabilities.

In this video, Michael Hubbard, Sr. Director of Accelerate and Services Sales for the Americas, discusses the value of gleaning best practices and insights from our consulting experts on virtualization, end user computing, cloud computing and more in this blog. He also shares a customer success story where VMware delivered an impactful, always on point-of-care solution for a major hospital.

Check back soon for more stories, best practices and insights.

VMware Accelerate: The Complexity of Choice and What it Means for IT

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für VMware Accelerate: The Complexity of Choice and What it Means for IT
Apr 302013
 

AUTHOR: Daryl Bishop

I recently listened to an interview with Barry Schwartz, author of The Paradox of Choice1. In his book he explores the modern Western industrial society tenet that, as individuals, in order to maximize our welfare, we all need to have freedom—and the way to maximize individual freedom is to maximize freedom of choice. So what happens if consumers, for example, have seemingly unlimited choice?

Schwartz’s hypothesis is that the sheer volume of choice in front of consumers today causes paralysis rather than liberation. Instead of selecting “a thing” that best suits us, we are confused by all we have to choose from and are often dissatisfied with our ultimate choice (the pursuit of perfection effect). The author goes on to suggest there may be a causal link between the increased percentage of depression cases in Western societies and the choice paradox. Schwartz suggests that the magic number for choice in retail is between six and eight; under six and it feels like we have no choice, and over eight—too much choice.

I have observed this effect for quite a few years now, and I term it the “Boost Juice effect.” A number of years ago in Australia, there was a surge of juice bars, the most recognizable being Boost Juice. There was one other major juice bar chain (its name escapes me), and several smaller ones across the country. At the time, Australia was going through the juice version of the Dutch Tulip craze—juice bars on every street corner.

The difference for me between Boost Juice and the also-rans was not the quality of product, rather that Boost Juice had a limited menu, and it was relatively simple to choose your juice. If I wanted a smoothie, there were six flavors to choose from and similar for a fresh juice. The other bars went with the total freedom of the “make it yourself” formula. I had one juice from this store, and to be honest I found the process to make my own juice confusing, and frankly it took me too much time to make my mind up. Sure the juice was fine, however my experience wasn’t great. While I’m not saying the other stores disappeared solely due to “the paradox of choice” conundrum, I do believe it was a contributing factor.

So What Are the Implications for IT?
My position is that a contributing factor for failure or missed objectives in technology programs and transformation endeavors is too much freedom of choice. With so many conflicting and complementary options from different vendors, CIOs and IT management—with the best of intentions—strive for perfection and, for the same reason as consumers, are ultimately let down by the experience. Instead of looking for the best-of-breed products at each level in the stack, make decisions from a viewpoint of integration, solution-orientation and integrated services.

When assessing the purchase an IT solution, ask whether:

  1. The vendor provides an integrated solution; do I have to buy plug-in components from other vendors to complete the stack? My observations are that for some of our customers integrating so-called best-of-breed products versus single vendor solutions often drives integration and support issues during and after the project. It’s the old adage, “perfection is the enemy of delivery.”
  2. Are there clear reference sites where you can verify the integration of the vendor solution? Similar to throwing meat into the water and telling a shark not to eat, some vendors will promise any and all without providing clear evidence.
  3. Is the vendor strategy clear, concise and is the strategy and roadmap complementary to your IT and business objectives?

Definitely use competition for your own benefit; however don’t go mad with choice. Limit choice, and be smart and focused on your desired outcomes and long-term objectives. VMware provides product suites—cloud infrastructure and EUC solutions—that are heavily integrated and backed up by strategy and technology consulting services. Over time other vendors will follow, providing suites or solutions rather than point products. The VMware vCloud Suite for example, is a complete cloud infrastructure solution covering the hypervisor layer right up to the cloud portal, managing and monitoring layer. This suite removes complexity by simplifying choice, while being flexible enough to meet customer needs.

As a consumer, you don’t need to buy separate hypervisor, automation, security, monitoring and management components and then throw the integration dice. Of course, you can if you wish—choice hasn’t gone away. It’s up to you how much choice you want, and you can dial it up or dial it down. I believe too many years of “dialed-up” choice is one of the contributors to project blowouts caused by cost overruns and missed delivery targets.

Above all else, IT management should strive for 100 percent perfection in project delivery and lifecycle management. Ask yourself whether the level of choice is providing a better project outcome or rather is increasing the risk of project delivery. Where possible, limit choice and think strategically around proven integrated solutions to meet your business objectives.

1Listen to Schwartz’s “The Paradox of Choice” TED talk
—–

Daryl Bishop is business solutions architect for VMware Accelerate Advisory Services, based in Melbourne, Australia.

VMware AccelerateTM Advisory Services can help you define your IT strategy through balanced transformation plans across people, process and technology. Visit our Web site to learn more about our offerings, or reach out to us today at: accelerate@vmware.com for more information.

Would you like to continue this conversation with your C-level executive peers? Join our exclusive CxO Corner Facebook page for access to hundreds of verified CxOs sharing ideas around IT Transformation right now by going to CxO Corner and clicking “ask to join group.”

VMwareTV: Michael Hubbard on VMware Consulting Blog

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für VMwareTV: Michael Hubbard on VMware Consulting Blog
Apr 292013
 
Learn best practices and insights from our consulting experts on virtualization, end user computing, cloud computing and more. Michael Hubbard discusses the ...
From: vmwaretv
Views: 29
3 ratings
Time: 04:15 More in Science & Technology

VMware Education & Certification Blog: Save 15% off VMware Training in the US & Canada

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für VMware Education & Certification Blog: Save 15% off VMware Training in the US & Canada
Apr 292013
 

Take any instructor-led VMware training class in the US and Canada between May 6 and June 30 and save 15%.

Whether you travel to one of our convenient training center locations, attend a course live online at your desk, or bring the training to you via our onsite training program – it’s all 15% off. This discount includes:

Get complete details on how to claim your discount online, but hurry, this offer ends June 30, 2013.

VMware Support Insider: A couple more product upgrade notices

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für VMware Support Insider: A couple more product upgrade notices
Apr 292013
 

Here are a couple of other important items to note if you are applying updates today. We want to get this information out to our readers as quickly as possible. Please share with your colleagues:

Update vSA after upgrading to vCenter Server 5.1U1
Description: vSA 5.1.1 customers must upgrade to vSA 5.1.3 after upgrading their vCenter Server to 5.1 Update 1. For more information, see the release notes linked below.
Link: vSA Release Notes

Advisory: Upgrading to vCloud Director 5.1.x
Description: Upgrade to vCloud Director 5.1.x can affect virtual machines network connectivity due to network adapter mismatches. VMware KB article 2047922 provides tools and procedures to detect and correct network adapter type mismatches before the upgrade.
Link: Detecting and resolving network adapter type mismatches before upgrading vCloud Director to version 5.1.x (2047922)

VMware vSphere Blog: VXLAN Series – Different Components – Part 1

 Allgemein, Knowledge Base, Updates, VMware, VMware Partner, VMware Virtual Infrastructure, vSphere  Kommentare deaktiviert für VMware vSphere Blog: VXLAN Series – Different Components – Part 1
Apr 292013
 

In the last six months, I have talked to many customers and partners on Virtual eXtensible Local Area Network (VXLAN). One of the things I felt was challenging was how to explain the technology to two different type of audience. On one hand, there are Virtual Infrastructure administrators who want to know what problems this new technology is going to solve for them and what are the use cases. While on the other hand, there are Networking folks who want to dig into packet flows and all the innate protocol level details, how this technology compares with others, and what is the impact of this on the physical devices in the network etc.

The papers that we have made available “Network virtualization Design Guide” and “VXLAN Deployment Guide”, provides some basic knowledge about the technology, Use cases, and step-by-step deployment instructions. However, some of the detailed packet flow scenarios are not explained in these papers. So I thought it would be a good idea to put together a series of post discussing the packet flows in a VXLAN environment. Also, there are many common questions that I would like to address as part of this series.

To start this series, I will first describe the different components of the VMware’s VXLAN implementation.

VXLAN Components

The diagram above shows a deployment of two compute clusters that is configured with VXLAN components running on each vSphere host.

VXLAN is an overlay network technology. Overlay network can be defined as any logical network that is created on top of the existing physical networks. VXLAN creates Layer 2 logical networks on top of the IP network. The following two are key traits of an overlay technology:

-       It encapsulates original packets into a new header. For example, IPSec VPN, an overlay technology, encapsulates original IP frame in another IP header.

-       Communication is typically established between two tunnel end points. For example, in an IPSec based VPN, which runs on the public internet, the tunnels are established between two sites.

When you apply those overlay technology traits to VXLAN, you will see that VXLAN encapsulates original MAC frames in to a UDP header (shown below), and all vSphere hosts participating in VXLAN acts as tunnel end points. They are called Virtual Tunnel Endpoints (VTEPs).

VXLAN – Encapsulation Header

VTEPs are the nodes that provide the encapsulation and de-encapsulation function. When we will go through the detail packet flows it will be clear how these VTEPs encapsulate and de-encapsulate traffic from any virtual machine connected to a VXLAN based Layer 2 logical network or virtual wire. The virtual tunnel endpoint (VTEP) configured on every vSphere host consists of the following three modules:

1) VMware Installation Bundle (VIB) or vmkernel module – VTEP functionality is part of the VDS and is installed as a VMware Installation Bundle (VIB). This module is responsible for VXLAN data path processing, which includes maintenance of forwarding tables and encapsulation and de-encapsulation of packets.

2) vmknic virtual adapter – This adapter is used to carry control traffic, which includes response to multicast join, DHCP, and ARP requests. As with any vmknic, a unique IP address is assigned per host. The IP address is used as the VTEP IP while establishing host-to-host tunnels to carry VXLAN traffic.

3) VXLAN port group – This is configured during the initial VXLAN configuration process. It includes physical NICs, VLAN information, teaming policy, and so on. These port group parameters dictate how VXLAN traffic is carried in and out of the host VTEP through the physical NICs. As shown in the diagram, VLAN 2000 is used as the transport VLAN for VXLAN traffic. The transport VLAN has no relation to the logical Layer 2 networks or virtual wires that you will create.

The configuration of the VTEP on each vSphere host is managed through a central place called vCloud Networking and Security Manager. One of the common questions I get is whether this manager acts as a controller similar to the Openflow controller. The answer is No. In VXLAN there is no special controller or control plane required. So then the question is how in VXLAN a forwarding table is created ? In physical switch infrastructure the forwarding table information helps deliver packets to the right destination.

In VXLAN all the learning about the virtual machine MAC address and its association with VTEP IP is performed through the support of physical network. One of the protocols utilized in the physical network is IP multicast. VXLAN makes use of this IP multicast protocol to populate the forwarding tables in the VTEP.

Before we dig into how IP multicast is utilized in VXLAN, in the next blog, we will take a look at some basics on IP Multicast.

Get notification of these blogs postings and more VMware Networking information by following me on Twitter:  @VMWNetworking