vSphere does not include a dedicated TCP/IP stack for the vSAN traffic service. You can add the vSAN VMkernel network interface to the default TCP/IP stack and define static routes for all hosts in the vSAN cluster.

vSphere does not support the creation of a custom vSAN TCP/IP stack. You can ensure vSAN traffic in Layer 3 network topologies leaves over the vSAN VMkernel network interface. Add the vSAN VMkernel network interface to the default TCP/IP stack and define static routes for all hosts in the vSAN cluster.

Note: vSAN does not have its own TCP/IP stack. Use static routes to route vSAN traffic across L3 networks.

vSphere 6.0 introduced a new TCP/IP stack architecture, which can use multiple TPC/IP stacks to manage different VMkernel network interfaces. With this architecture, you can configure traffic services such as vMotion, management, and fault tolerance on isolated TCP/IP stacks, which can use multiple default gateways.

For network traffic isolation and security requirements, deploy the different traffic services onto different network segments or VLANs. This prevents the different traffic services from traversing through the same default gateway.

When you configure the traffic services on separate TCP/IP stacks, deploy each traffic service type onto its own network segment. The network segments are accessed through a physical network adapter with VLAN segmentation. Map each segment to different VMkernel network interfaces with the respective traffic services enabled.

TCP/IP Stacks Available in vSphere

vSphere provides TCP/IP stacks that support vSAN traffic requirements.

  • Default TCP/IP Stack. Manage the host-related traffic services. This stack shares a single default gateway between all configured network services.

  • vMotion TCP/IP Stack. Isolates vMotion traffic onto its own stack. The use of this stack completely removes or disables vMotion traffic from the default TCP/IP stack.

  • Provisioning TCP/IP Stack. Isolates some virtual machine-related operations, such as cold migrations, cloning, snapshot, or NFC traffic.

You can select a different TCP/IP stack during the creation of a VMkernel interface.

Environments with isolated network requirements for the vSphere traffic services cannot use the same default gateway to direct traffic. Using different TCP/IP stacks simplifies management for traffic isolation, because you can use different default gateways and avoid adding static routes. Use this technique when you must route vSAN traffic to another network that is not accessible over the default gateway.