VMware Cloud Community
mbartle
Enthusiast
Enthusiast
‎10-22-2021 05:51 AM

VCSA on vDS - Ephemeral Port Binding Question

I an in the process of migrating hosts to a vDS.  I have done some reading and it suggests to keep an ephemeral port group on the same vLAN that my vCenter runs on, in case of emergency.  My understanding is I could login to the ESXi hosts and add VMs to this network to help get things back up and running.

What I don't understand is :

1: Can I migrate the VCSA directly to the vDS port group or should I move it to the ephemeral one ?

2: Is the ephemeral port group to be used only in emergency or should the VCSA reside there permanent ?

I have not had a single problem migrating VMKernel and VM workloads to the vDS so far. Some folks seemed to lose connectivity to the VCSA once migrating from VSS to VDS so I dug a bit deeper and found the ephemeral port group option.

Thanks.

0 Kudos
3 Replies
alantz
Enthusiast
Enthusiast
‎10-22-2021 06:54 AM

I know that is the suggestion, but I think its overkill.  You can move VCSA directly to a vDS port group. if VCSA goes down you still have vCLS running to help with DRS/HA.  And if you ever think VCSA will be down for an extended time or uncomfortable with that you can enable VCenterHA.

--Alan--

 

 

0 Kudos
sjesse
Leadership
Leadership
‎10-22-2021 07:35 AM

If vcenter isn't up then you can't do anything regardless if vcls vms are moving, vcha is an option but is a overkill. The reason you don't want to keep it on an ephemeral port group because that stresses vcenter and the esxi hosts and you lose some features. Since its no impactful in most cases to just add the extra portgroup, thats usually the correct option.

 

Static (non-ephemeral) or ephemeral port binding on a vSphere Distributed Switch (1022312) (vmware.c...

 

Performance

Every operation, including add-host and virtual machine power operation, is slower comparatively because ports are created/destroyed in the operation code path. Virtual machine operations are far more frequent than add-host or switch-operations, so ephemeral ports are more demanding in general.

Non-persistent "ephemeral" ports

Non-persistent (that is, "ephemeral") ports port-level permissions and controls are lost across power cycles, so no historical context is saved."

IRIX201110141
Champion
Champion
‎10-22-2021 11:41 AM

1. Yes you can directly migrate onto your vDS. If you to it "right" you have a already existing Portgroup from type "ephemeral" because you cant convert a exising non ephemeral  to a ephemeral  later.

2. We use it permanently and this is how i implement it on all my customers since years.  We start with vDS and vSphere 4 somewhere in 2010 or so.

Regards,
Joerg

0 Kudos