A lot of the content on this site is oriented toward VMware ESX/ESXi users who have a pretty fair amount of experience. As I was working with some customers today, though, I realized that there really isn’t much content on this site for new users. That’s about to change. As the first in a series of posts, here’s some new user information on creating vSwitches and port groups in VMware ESX using the command-line interface (CLI).
For new users who are seeking a thorough explanation of how VMware ESX networking functions, I’ll recommend a series of articles by Ken Cline titled The Great vSwitch Debate. Ken goes into a great level of detail. Go read that, then you can come back here.
Before I get started it’s important to understand that, for the most part, the information in this article applies only to VMware ESX. VMware ESXi doesn’t have a Linux-based Service Console like VMware ESX, and therefore doesn’t have a readily-accessible CLI from which to run these sorts of commands. There is a remote CLI available, which I’ll discuss in a future post, but for now I’ll focus only on VMware ESX.
The majority of all the networking configuration you will need to perform on VMware ESX boils down to just a couple commands:
- esxcfg-vswitch: You will use this command to manipulate virtual switches (vSwitches) and port groups.
- esxcfg-nics: You will use this command to view (and potentially manipulate) the physical network interface cards (NICs) in the VMware ESX host.
Configuring VMware ESX networking boils down to a couple basic tasks:
- Creating, configuring, and deleting vSwitches
- Creating, configuring, and deleting port groups
I’ll start with creating, configuring, and deleting vSwitches.
Creating, Configuring, and Deleting vSwitches
You’ll primarily use the esxcfg-vswitch command for the majority of these tasks. Unless I specifically indicate otherwise, all the commands, parameters, and arguments are case-sensitive.
To create a vSwitch, use this command:
esxcfg-vswitch -a <vSwitch Name>
To link a physical NIC to a vSwitch—which is necessary in order for the vSwitch to pass traffic onto the physical network or to receive traffic from the physical network—use this command:
esxcfg-vswitch -L <Physical NIC> <vSwitch Name>
In the event you don’t have information on the physical NICs, you can use this command to list the physical NICs:
esxcfg-nics -l (lowercase L)
Conversely, if you need to unlink (remove) a physical NIC from a vSwitch, use this command:
esxcfg-vswitch -U <Physical NIC> <vSwitch Name>
To change the Maximum Transmission Unit (MTU) size on a vSwitch, use this command:
esxcfg-vswitch -m <MTU size> <vSwitch Name>
To delete a vSwitch, use this command:
esxcfg-vswitch -d <vSwitch Name>
Creating, Configuring, and Deleting Port Groups
As with virtual switches, the esxcfg-vswitch is the command you will use to work with port groups. Once again, unless I specifically indicate otherwise, all the commands, parameters, and arguments are case-sensitive.
To create a port group, use this command:
esxcfg-vswitch -A <Port Group Name> <vSwitch Name>
To set the VLAN ID for a port group, use this command:
esxcfg-vswitch -v <VLAN ID> -p <Port Group Name> <vSwitch Name>
To delete a port group, use this command:
esxcfg-vswitch -D <Port Group Name> <vSwitch Name>
To view the current list of vSwitches, port groups, and uplinks, use this command:
esxcfg-vswitch -l (lowercase L)
There are more networking-related tasks that you can perform from the CLI, but for a new user these commands should handle the lion’s share of all the networking configuration. Good luck!
Tags: CLI, ESX, Networking, Virtualization, VMware
-
Pretty nice post. I just came across your site and wanted to say
that I have really enjoyed reading your blog posts. Any way
I’ll be subscribing to your blog and I hope you write again soon! -
Great! Very concise and very appreciated!
-
Scott,
Great post and idea for a series.
Some additional reference for your readers: I posted a while ago about a real world example scenario that requires using esx-cfg-vswitch and esxcfg-nics. http://vmetc.com/2008/05/26/trouble-pinging-multiple-nic-esx-host-after-install/
-
Rich,
Good post–having the right NIC cabled for Service Console traffic is definitely a real-world instance of when these commands come in handy. In fact, it’s an issue that I even address in the Mastering vSphere book! Thanks for sharing that link, and keep up the good posts over at your site!
-
I posted some content on my company’s extranet that may be relevant – creating vSwitches for iSCSI & vMotion networks with Jumbo Frames enabled (as this is now supported/recommended in ESX4);
Note 1: This configuration example only applies to standard ESX v4 vSwitches. Distributed vSwitch MTUs are directly configurable via the vCenter GUI.
Note 2: In order for Jumbo Frames to function, MTU size (9000 bytes) must be enabled on all related hardware ie. iSCSI SAN, Network Switches & ESX server.
Note 3: In this example, two physical NICs are connected to each vSwitch for failover/redundancy.
The following assumes the iSCSI switch is vSwitch1 (192.168.200.0/24) and vMotion switch is vSwitch2 (192.168.201.0/24). Names & IP addresses will need to be changed to suit your deployments.
This needs to be done through the root login at the ESX console.
iSCSI vSwitch:
esxcfg-vswitch -a vSwitch1
esxcfg-vswitch -L vmnic4 vSwitch1
esxcfg-vswitch -L vmnic5 vSwitch1
esxcfg-vswitch –add-pg=”iSCSI Service Console” vSwitch1
esxcfg-vswif -a -i 192.168.200.153 -n 255.255.255.0 -p “iSCSI Service Console” vswif1
esxcfg-vswitch -m 9000 vSwitch1
esxcfg-vswitch -A “iSCSI Network” vSwitch1
esxcfg-vmknic -a -i 192.168.200.53 -n 255.255.255.0 -m 9000 “iSCSI Network”vMotion vSwitch:
esxcfg-vswitch -a vSwitch2
esxcfg-vswitch -L vmnic2 vSwitch2
esxcfg-vswitch -L vmnic3 vSwitch2
esxcfg-vswitch -m 9000 vSwitch2
esxcfg-vswitch -A “vMotion Network” vSwitch2
esxcfg-vmknic -a -i 192.168.201.53 -n 255.255.255.0 -m 9000 “vMotion Network”
Tick vMotion tickbox in vCenter GUI (there’s no simple way to achieve this through the CLI, so just do it in the GUI).Voilla!
-
I didn’t include this command in the list above, but you can use this to enable VMotion:
vmware-vim-cmd hostsvc/vmotion/vnic_set vmkX
Where X is the number of the VMkernel NIC to be enabled for VMotion. The esxcfg-vmknic command can be used to enumerate the VMkernel NICs so that you know which one to use.
Thanks for sharing your information!
-
Thanks for the tip on enabling vMotion from the CLI!
I forgot to explain why the above iSCSI vSwitch config also includes a Service Console port in addition to the vmKernel port – this is added because iSCSI authentication is performed over the Service Console port and not the vmKernel, so we add a Service Console to make sure all iSCSI authentication traffic stays on the iSCSI network.
This was the case with ESX 3.x anyway – any idea if this is still the case with ESX 4?
-
ESX 4 no longer requires a service console port for iSCSI
-
I will have multiple nics on my host and want to assign them ips…is there a command for that? I’m not sure I’m understanding how that works.
Everything seems to focus on the service console and switches…I want to setup 2 nics to do a VM network. -
Thanks for publishing this. You saved me a support call to VMware since I couldnt find what I needed to get a VLAN assigned to the SC port group and didnt know how from the CLI. THANKS!!!
-
EDGe, I’m glad the information helped. Good luck!
-
it’s nice i think it’s better to give remaining commands for learns
Site Sponsors
12 comments
Comments feed for this article
Trackback link: http://blog.scottlowe.org/2009/06/23/new-user-networking-config-guide/trackback/