Enable the traffic filtering and marking policy on a port to configure traffic security and marking on a virtual machine network adapter, VMkernel adapter, or uplink adapter. The traffic filtering and marking policy does not support vSphere Distributed Switch configured with Network Offloads Compatibility.

Prerequisites

To override a policy on distributed port level, enable the port-level override option for this policy. See Configure Overriding Networking Policies on Port Level.

Procedure

  1. Navigate to a distributed switch and then navigate to a distributed port or an uplink port.
    • To navigate to the distributed ports of the switch, click Networks > Distributed Port Groups, click a distributed port group from the list, and click the Ports tab.
    • To navigate to the uplink ports of an uplink port group, click Networks > Uplink Port Groups, click an uplink port group from the list, and click the Ports tab.
  2. Select a port from the list.
  3. Select the Traffic Filtering and Marking tab.
  4. Click the Enable and reorder button.
  5. Use the toggle button to override the default settings.
  6. (Optional) Click Enable all traffic rules.
    If traffic rules are enabled on group level, after you override the default settings for the port, the traffic rules are automatically enabled.
  7. Click OK.

What to do next

Set up traffic filtering or marking for the data flowing through the distributed port or through the uplink port. See Mark Traffic on a Distributed Port or Uplink Port and Filter Traffic on a Distributed Port or Uplink Port.