Network isolation for VDS design highly depends
on your network security considerations. When you need to isolate the existing network traffics on the virtual infrastructure as same as the physical networking, so it's recommended to create more than one VDS and also separate the uplinks. It means you need to isolate the existing VLANs & Subnets, in both of the virtual and physical networking infrastructures.
For choosing another VMKernel port for the vMotion traffic, you should calculate the transfer rate(I/O) and decide based on your many factors like the speed rate of the existing physical uplinks. For example, if you have 10Gbps p-NICs, no need to create different VMKernels. Although deciding to separate the VMKernel services or using the same VMKernel port is depends on the following factors:
1. Security, Maybe you should plan to separate the Management, vMotion, FT, Replication subnets or even VLAN ID.
2. Existing SAN Storage structure and storage communication design (physical HBA, SAN Switch and so on).
3. Scalability, For future extending the network infrastructures.
4. Using the separate physical switches to completely split the vMotion traffics.Please mark my comment as the Correct Answer if this solution resolved your problem1 person found this helpful
- It is supported
- a single vmkernel is sufficient
it seems to me a normal configuration where you want to keep networks divided at the hardware level.
i have 8 switches spread across 52 host in 4 clusters - each cluster has 2 switches with 2 uplinks per switch.
vmotion has different vmkernelports because of faster 25GBe-uplinks, but this is not a must.
works without any problems
We have such a setup for ages because we want something phys. isolated on network level. So we have 2 vDS and the uplinks goes to different phys. switch gear.
Moderator: Moved to vSphere vNetwork