Add a distributed port group to a vSphere distributed switch to create a distributed switch network for your virtual machines and to associate VMkernel adapters.
- Browse to a distributed switch in the vSphere Web Client.
- Right-click the distributed switch in the navigator and select New distributed port group.
- In the Select name and location section, type the name of the new distributed port group, or accept the generated name, and click Next.
- In the Configure settings section, set the general properties for the new distributed port group and click Next.
Choose when ports are assigned to virtual machines connected to this distributed port group.
Static binding (default): Assign a port to a virtual machine when the virtual machine connects to the distributed port group.
Dynamic binding: Assign a port to a virtual machine the first time the virtual machine powers on after it is connected to the distributed port group. Dynamic binding has been deprecated since ESXi 5.0.
Ephemeral: No port binding. You can assign a virtual machine to a distributed port group with ephemeral port binding also when connected to the host.
Elastic (default): The default number of ports is eight. When all ports are assigned, a new set of eight ports is created. This is the default.
Fixed: The default number of ports is set to eight. No additional ports are created when all ports are assigned.
Number of ports
Enter the number of ports on the distributed port group.
Network resource pool
Use the drop-down menu to assign the new distributed port group to a user-defined network resource pool. If you have not created a network resource pool, this menu is empty.
Use the Type drop-down menu to select VLAN options:
None (default): Do not use VLAN.
VLAN: In the VLAN ID field, enter a number between 1 and 4094.
VLAN Trunking: Enter a VLAN trunk range.
Private VLAN: Select a private VLAN entry. If you did not create any private VLANs, this menu is empty.
Select this check box to customize the policy configurations for the new distributed port group.
- (Optional) In the Security section, edit the security exceptions and click Next.
Reject (default). Placing an adapter in promiscuous mode from the guest operating system does not result in receiving frames for other virtual machines.
Accept. If an adapter is placed in promiscuous mode from the guest operating system, the switch allows the guest adapter to receive all frames passed on the switch in compliance with the active VLAN policy for the port where the adapter is connected.
Firewalls, port scanners, intrusion detection systems and so on, need to run in promiscuous mode.
MAC address changes
Reject (default). If you set this option to Reject and the guest operating system changes the MAC address of the adapter to a value different from the address in the .vmx configuration file, the switch drops all inbound frames to the virtual machine adapter. .
If the guest operating system changes the MAC address back, the virtual machine receives frames again.
Accept. If the guest operating system changes the MAC address of a network adapter, the adapter receives frames to its new address.
Reject (default). The switch drops any outbound frame with a source MAC address that is different from the one in the .vmx configuration file.
Accept. The switch does not perform filtering and permits all outbound frames.
- (Optional) In the Traffic shaping section, enable or disable Ingress or Egress traffic shaping and click Next.
If you enable either Ingress Traffic Shaping or Egress Traffic Shaping, you are setting limits on the amount of networking bandwidth allocated for each virtual adapter associated with this particular port group. If you disable the policy, services have a free, clear connection to the physical network by default.
Establishes the number of bits per second to allow across a port, averaged over time. This is the allowed average load.
The maximum number of bits per second to allow across a port when it is sending and receiving a burst of traffic. This tops the bandwidth used by a port whenever it is using its burst bonus.
The maximum number of bytes to allow in a burst. If this parameter is set, a port might gain a burst bonus when it does not use all its allocated bandwidth. Whenever the port needs more bandwidth than specified by Average Bandwidth, it might temporarily transmit data at a higher speed if a burst bonus is available. This parameter tops the number of bytes that might be accumulated in the burst bonus and thus transferred at a higher speed.
- (Optional) In the Teaming and failover section, edit the settings and click Next.
Specify how to choose an uplink.
Route based on the originating virtual port (default). Choose an uplink based on the virtual port where the traffic entered the distributed switch.
Route based on IP hash. Choose an uplink based on a hash of the source and destination IP addresses of each packet. For non-IP packets, whatever is at those offsets is used to compute the hash.
Route based on source MAC hash. Choose an uplink based on a hash of the source Ethernet.
Route based on physical NIC load. Choose an uplink based on the current loads of physical NICs.
Use explicit failover order. Always use the highest order uplink from the list of Active adapters which passes failover detection criteria.
IP-based teaming requires that the physical switch be configured with etherchannel. For all other options, disable etherchannel.
Network failover detection
Specify the method to use for failover detection.
Link Status only (default). Relies solely on the link status that the network adapter provides. This option detects failures, such as cable pulls and physical switch power failures, but not configuration errors, such as a physical switch port being blocked by spanning tree or that is misconfigured to the wrong VLAN or cable pulls on the other side of a physical switch.
Beacon Probing. Sends out and listens for beacon probes on all NICs in the team and uses this information, in addition to link status, to determine link failure. This detects many of the failures previously mentioned that are not detected by link status alone.
Do not use beacon probing with IP-hash load balancing.
Select Yes (default) or No to notify switches in the case of failover. If you select Yes, whenever a virtual NIC is connected to the distributed switch or whenever that virtual NIC’s traffic would be routed over a different physical NIC in the team because of a failover event, a notification is sent out over the network to update the lookup tables on physical switches. In almost all cases, this process is desirable for the lowest latency of failover occurrences and migrations with vMotion.Note:
Do not use this option when the virtual machines using the port group are using Microsoft Network Load Balancing in unicast mode. No such issue exists with NLB running in multicast mode.
Select Yes (default) or No to disable or enable failback.
This option determines how a physical adapter is returned to active duty after recovering from a failure. If failback is set to Yes (default), the adapter is returned to active duty immediately upon recovery, displacing the standby adapter that took over its slot, if any. If failback is set to No, a failed adapter is left inactive even after recovery until another currently active adapter fails, requiring its replacement.
Specify how to distribute the work load for uplinks. To use some uplinks but reserve others for emergencies if the uplinks in use fail, set this condition by moving them into different groups:
Active Uplinks. Continue to use the uplink when the network adapter connectivity is up and active.
Standby Uplinks . Use this uplink if one of the active adapter’s connectivity is down.
Unused Uplinks . Do not use this uplink.
When using IP-hash load balancing, do not configure standby uplinks.
- (Optional) In the Monitoring section, enable or disable NetFlow and click Next.
NetFlow is disabled on the distributed port group.
NetFlow is enabled on the distributed port group. NetFlow settings can be configured at the vSphere distributed switch level.
- (Optional) In the Miscellaneous section, select Yes or No (default) and click Next.
Selecting Yes shuts down all ports in the port group. This action might disrupt the normal network operations of the hosts or virtual machines using the ports.
- (Optional) In the Edit additional settings section, add a description of the port group and set any policy overrides per port and click Next.
- Review your settings in the Ready to complete section and click Finish.
Click the Back button to change any settings.