VSphere Standard Switch vs. Distributed Switch: The differences
Explore the differences between vSphere's two virtual switches: vSS and vDS. One works best on a small scale, while the other can help manage networking across a large business.
When you first install an ESXi hypervisor, it should come with vSphere Standard Switch as its default network setup. Once you have ESXi installed and vSS configured, you can then create and configure a vSphere Distributed Switch via vCenter Server. VSS and vDS best serve environments of different scales, so consider the features of each and the size of your data center when choosing which to use.
VSphere Standard Switch (vSS) and vSphere Distributed Switch (vDS) provide network connectivity among virtual machines, different networks and workloads. You can use vSS and vDS at the same time, but not on the same networks or port groups. This means you can have centralized management for some networks and distributed management for others.
VSS and vDS each have certain requirements you must meet for proper implementation. You can configure vSS on a single ESXi host; you must first install and configure vCenter server in order to do so. You must also have a vSphere Enterprise Plus license to install vDS.
VSphere Standard Switch vs. Distributed Switch: Common features
Virtual switches are generally similar to Ethernet Layer 2 switches, with common features such as:
Uplinks. Uplinks are connections from the virtual switch to the outside world: The physical network interface card (NIC) plugged into the physical server where VMware ESXi is installed.
Port groups. Port groups are groups of virtual ports with similar configurations. On a physical switch, you can find physical Ethernet ports. With vSphere switches, these port groups are virtualized.
Both types of switches also support Layer 2 traffic handling, virtual LAN (vLAN) segmentation, 801.1 Q tagging, NIC teaming and outbound traffic shaping.
Explaining vSphere Standard Switch
VM network adapters and physical NICs on the host can use logical ports on the vSS, because each adapter uses only one port and belongs to a single port group. VSS detects which VMs are logically connected to which virtual ports and uses that information to forward traffic to the correct VMs -- it emulates a physical hardware switch. VSS comes free with an ESXi installation and you can create several vSSes on each ESXi host.
To create a vSphere standard switch, navigate to vCenter server and select Host > Configure > Networking > Virtual Switches > Add.
A core feature of vSS is teaming and failover. When you encounter a hardware problem and your physical NIC fails, ESXi uses vSS to automatically failover to another standby NIC on the host.
VSphere standard switch also comes with the following features:
Network connectivity. VSS provides network connectivity for hosts and VMs and handles VMkernel traffic.
Standard Port Group. Each port group on a standard switch uses network label identification, which must be unique to the current host. When you create port groups on different hosts, however, you must label them identically.
Advanced features. VSS supports advanced features such as outbound traffic shaping, NIC teaming and different security policies.
How vDS differs from vSS
In order to maintain connectivity between the different ESXi hosts of your cluster on certain networks, those networks must have identical labels.
If you have many ESXi hosts in a cluster, you must manually configure a lot of vSS switches. This is because vSS contains both data and management planes in each configured switch.
With vSphere Distributed Switch, VMware has decoupled the management plane from the data plane. The data plane enables vDS to perform tasks such as packet switching, filtering and vLAN tagging. The management plane only controls data from vCenter server.
You only need to create vDS once at the data center level, and any changes also require just a single reconfiguration. This is much simpler and much more efficient than vSS, which requires individual configuration of each switch.
VSphere Distributed Switches have the following features to distinguish them from a vSS switch:
Network I/O Control. Virtual networks use network resource pools. With Network I/O Control, you can create limits and shares for these resource pools. Network I/O Control aggregates network traffic into specific resource pools according to the traffic type.
SR-IOV support. This feature enables low-latency and high-I/O workloads to run on your networks.
Load-based teaming. Manage network workloads and choose physical uplinks with load-based teaming. Load-based teaming, or a load-balancing policy, determines how your network distributes traffic between the different network adapters in a NIC team.
The verdict: VSphere Standard Switch vs. Distributed Switch
VSS and vDS represent the core of networking in vSphere and ESXi. You can use vSS on a single ESXi host, while vDS works best for larger data centers.
VDS requires vCenter server for configuration but does not require it in order to run after the initial configuration. You can use and manage both vSS and vDS from vCenter server. You might find vDS somewhat similar to VMware High Availability, which also requires vCenter server for configuration but not to automatically restart VMs.