When Network I/O Control is enabled, the distributed switch allocates bandwidth for the traffic that is related to the main vSphere features.

  • Fault tolerance traffic

  • iSCSI traffic

  • vSphere vMotion traffic

  • Management traffic

  • VMware vSphere Replication traffic

  • NFS traffic

  • vSAN traffic

  • Backup traffic

  • Virtual machine traffic

How Network I/O Control Works

Network I/O Control enforces the share value specified for the different traffic types only when there is network contention. When contention occurs Network I/O Control applies the share values set to each traffic type. As a result, less important traffic, as defined by the share percentage, will be throttled, allowing more important traffic types to gain access to more network resources.

Network I/O Control also allows the reservation of bandwidth for system traffic based on the capacity of the physical adapters on an ESXi host, and enables fine-grained resource control at the virtual machine network adapter level. Resource control is similar to the model for vCenter CPU and memory reservations.

Network I/O Control Heuristics

The following heuristics can help with design decisions.

Shares vs. Limits

When you use bandwidth allocation, consider using shares instead of limits. Limits impose hard limits on the amount of bandwidth used by a traffic flow even when network bandwidth is available.

Limits on Certain Resource Pools

Consider imposing limits on a given resource pool. For example, if you put a limit on vSphere vMotion traffic, you can benefit in situations where multiple vSphere vMotion data transfers, initiated on different ESXi hosts at the same time, result in oversubscription at the physical network level. By limiting the available bandwidth for vSphere vMotion at the ESXi host level, you can prevent performance degradation for other traffic.

Teaming Policy

When you use Network I/O Control, use Route based on physical NIC load teaming as a distributed switch teaming policy to maximize the networking capacity utilization. With load-based teaming, traffic might move among uplinks, and reordering of packets at the receiver can result occasionally.

Traffic Shaping

Use distributed port groups to apply configuration policies to different traffic types. Traffic shaping can help in situations where multiple vSphere vMotion migrations initiated on different ESXi hosts converge on the same destination ESXi host. The actual limit and reservation also depend on the traffic shaping policy for the distributed port group where the adapter is connected to.

Network I/O Control Design Decisions

Based on the heuristics, this design has the following decisions.

Table 1. Network I/O Control Design Decisions

Decision ID

Design Decision

Design Justification

Design Implication

CSDDC-VI-NET-004

Enable Network I/O Control on the distributed switch.

Increase resiliency and performance of the network.

If configured incorrectly, Network I/O Control might impact network performance for critical traffic types.

CSDDC-VI-NET-005

Set the share value for vSphere vMotion traffic to Low.

During times of network contention, vMotion traffic is not as important as virtual machine or storage traffic.

During times of network contention, vMotion takes longer than usual to complete.

CSDDC-VI-NET-006

Set the share value for vSphere Replication traffic to Low.

vSphere Replication is not used in this design therefore it can be set to the lowest priority.

None.

CSDDC-VI-NET-007

Set the share value for vSAN traffic to High.

During times of network contention, vSAN traffic needs a guaranteed bandwidth to support virtual machine performance.

None.

CSDDC-VI-NET-008

Set the share value for management traffic to Normal.

By keeping the default setting of Normal, management traffic is prioritized higher than vSphere vMotion and vSphere Replication but lower than vSAN traffic. Management traffic is important because it ensures that the hosts can still be managed during times of network contention.

None.

CSDDC-VI-NET-009

Set the share value for NFS traffic to Low.

Because NFS is used for secondary storage, such as backups and vRealize Log Insight archives it is not as important as vSAN traffic, by prioritizing it lower vSAN is not impacted.

During times of network contention, backups are slower than usual.

CSDDC-VI-NET-010

Set the share value for backup traffic to Low.

During times of network contention, it is more important that primary functions of the SDDC continue to have access to network resources over backup traffic.

During times of network contention, backups are slower than usual.

CSDDC-VI-NET-011

Set the share value for virtual machines to High.

Virtual machines are the most important asset in the SDDC. Leaving the default setting of High ensures that they always have access to the network resources they need.

None.

CSDDC-VI-NET-012

Set the share value for vSphere Fault Tolerance to Low.

This design does not use vSphere Fault Tolerance. Fault tolerance traffic can be set the lowest priority.

None.

CSDDC-VI-NET-013

Set the share value for iSCSI traffic to Low.

Because you can use iSCSI for secondary storage, for example, for backups, iSCSI traffic is not as important as vSAN traffic.

During times of contention, services such as backups, are slower than usual.