Understand How Virtual Machine Traffic Routes

Understand How Virtual Machine Traffic Routes

This post helps you to understand  how the virtual machine traffic flows in different scenarios. I hope this post will really helps VMware learners to understand the basics of virtual networking and how the virtual machine communication will happen in different scenarios with other virtual machines.

VM's connected with Same vSwitch, same port group and VLAN

VM1 and VM2 are connected to same vSwitch called "vSwitch1" ,same port group called Production and also same VLAN called VLAN 20 and also both are running in the same ESXi host called ESX1. Network traffic between these VM's (VM1 & VM2) does not go to physical NICs on the ESXi host and this frames also not forwarded to physical network like physical switch and router because VM's will communicate within the vSwitch and results in achieving the increased network speed and lesser network latency.

VM's connected with Same vSwitch, different port group and VLAN

VM1 and VM2 are connected to same vSwitch called vSwitch1 but VM1 connected to the port group called TestDev and VM2 connected to a port group called Production and also both are running in the same ESXi host called ESX1. Network traffic between VM1 and VM2 goes via a physical NIC attached to vSwitch1 and then to a physical switch and then travels back to a physical NIC on vSwitch1 and then to VM2.






VM's connected with different vSwitch but same port group

VM1 connected to the virtual switch called vSwitch1 and VM2 connected to a virtual switch called vSwitch2 but both are connected to same port group called Production and both VM's are running in the same ESXi host called ESX1. Network traffic between VM1 and VM2 goes via a physical NIC on vSwitch1 and then to physical switch  and then travel backs to a physical NIC attached on the vSwitch2 and then it will reach VM2.




VM's Running on different ESX host and connected to different vSwicth and  portgroup

VM1 is running on ESX host called ESX1 and connected to the virtual switch called vSwitch1 and portgroup calledProduction. VM2 is running on ESX host called ESX2 and connected to a virtual switch called vSwitch1 and port group called TestDev. Network traffic between VM1 and VM2 goes via a physical NIC on vSwitch1 on ESX1 and then to physical switch  and then travel backs to a physical NIC attached on the vSwitch1 on  ESX host and then it will reach VM2.



I hope this is informative for you. Thanks for Reading!!!!!

Comments
IB_IT
‎06-06-2014 07:19 AM
‎06-06-2014 07:19 AM

Thanks for the post...are you absolutely certain about your second scenario (Same vSwitch, different portgroups)?  I was under the impression that a VM on the same vSwitch could talk to another VM on a different portgroup without traveling through the pNIC.  This is taken right out of the online library for vSphere 5.1 on Standard Switches:

"When two or more virtual machines are connected to the same standard switch, network traffic between them is routed locally. If an uplink adapter is attached to the standard switch, each virtual machine can access the external network that the adapter is connected to."

I only ask because I am fighting a battle to get certain portgroups on the same vSwitch separated to their own vSwitch.  Your argument above directly contradicts it and also VMware literature...are there any kb's or other vmware docs that support your comment?  Thanks!

Texiwill
‎06-06-2014 09:15 AM
‎06-06-2014 09:15 AM

Hello,

The second scenario is about same vSwitch, different POrt group, and a different VLAN. Since if it a different VLAN and in the diagrams their is no VCNS Edge (or something similar) bridging the portgroups/VLANS within the vSwitch, the traffic will route through the pNIC. If the VLAN was the same then the traffic may not leave the vSwitch.

Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009, 2010, 2011,2012,2013,2014

Author of the books 'VMWare ESX and ESXi in the Enterprise: Planning Deployment Virtualization Servers', Copyright 2011 Pearson Education. 'VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment', Copyright 2009 Pearson Education.

Virtualization and Cloud Security Analyst: The Virtualization Practice, LLC -- vSphere Upgrade Saga -- Virtualization Security Round Table Podcast

LeaV97
‎01-19-2016 08:58 AM
‎01-19-2016 08:58 AM

Is there a way to force the traffic to the physical network when both VMs are on the same host, same portgroup?

AWSMNSS
‎01-20-2016 03:21 PM
‎01-20-2016 03:21 PM

My setup is like scenario 1. I have 2 VMs that see each other but my issue is that I cannot ping my default gateway on the physical switch from either of my VMs. The VMs are on a VLAN on the physical switch and I have the default gateway configured on the switch as well. I need that VLAN to use the default gateway so that I can access the VMs from a machine on the domain rather than just my management laptop. Any help would be appreciated.

mrwhitken
‎10-04-2016 03:28 PM
‎10-04-2016 03:28 PM

Did you set the VLAN # in the Port Group?  This needs to match the VLAN # on the Physical Switch.

giridhard
‎10-07-2016 06:59 AM
‎10-07-2016 06:59 AM

i want to understand how virtual machines communicates much in details are there any kb files for such or other documents?

1.If two VMs from same network but different hosts are communicating will Physical NICs come into picture or do they communicate over vSwitch.

2.how does the packets travels in Virtual machines communications, how will they use ARP signals?

nm1009
‎11-10-2017 02:28 PM
‎11-10-2017 02:28 PM

Test with threaded again.

Version history
Revision #:
1 of 1
Last update:
‎01-04-2014 08:21 PM
Updated by:
Enthusiast
 
View Article History