Module 5 Lesson 2: Modifying Standard Virtual Switch Properties - VMware vSphere 4.1 Study Flash Car

Card Set Information

Author:
ntsyspro
ID:
121827
Filename:
Module 5 Lesson 2: Modifying Standard Virtual Switch Properties - VMware vSphere 4.1 Study Flash Car
Updated:
2012-01-11 07:56:52
Tags:
Modifying Standard Virtual Switch Properties VMware vSphere Study Flash Cards
Folders:

Description:
Modifying Standard Virtual Switch Properties - VMware vSphere 4.1 Study Flash Cards
Show Answers:

Home > Flashcards > Print Preview

The flashcards below were created by user ntsyspro on FreezingBlue Flashcards. What would you like to do?


  1. In the vSphere client, what can you change in the General tab of the standard virtual switch properties dialog box?
    You can change the number of ports for the entire switch.
  2. How many ports are created by default when a standard virtual switch is created?
    When a standard virtual switch is created, 120 ports are created by default
  3. What is the maximum number of ports a virtual standard switch supports?
    A standard virtual switch supports up to a maximum of 4088 ports.
  4. On a standard virtual switch, what type of ports are used for virtual machine connections and for uplinks (physical NICs)?
    Standard virtual switch ports.
  5. How many standard virtual switch ports are used for internal purposes by the VMkernel (host)?
    8 ports are used for internal purposes by the VMkernel.
  6. In the vSphere client after selecting an ESX/ESXi host from the inventory, which tab followed by which hardware panel links should you click to change the speed and duplex setting of a network adapter in a standard virtual switch?
    Configuration tab > Networking link > Properties link > Network Adapters tab > Edit button.
  7. What is the recommended ESX/ESXI Gigabit Ethernet network adapter speed, duplex settings?
    Auto negotiate.
  8. What VLAN tagging standard does ESX/ESXi support?
    ESX/ESXi supports 802.1Q VLAN tagging.
  9. On an ESX/ESXi port group VLAN, when are packets from a virtual machine tagged?
    Packets from a virtual machine are tagged as they exit the virtual switch.
  10. On an ESX/ESXi virtual switch VLAN, when are packets untagged?
    Packets are untagged as they return to the virtual machine.
  11. How is performance affected by ESX/ESXi VLAN tagging?
    Performance is not much affected.
  12. At what level can ESX/ESXi VLANs be configured?
    VLANs can be configured at the port group level.
  13. How does the ESX/ESXi host provide VLAN support?
    The ESX/ESXi host provides VLAN support through virtual switch tagging, which is provided by giving a port group a VLAN ID (by default, a VLAN ID is optional).
  14. What Vmware ESX/ESXi component takes care of all VLAN tagging and untagging as the packets pass through the virtual switch?
    The VMkernel.
  15. On an ESX/ESXi host configured with VLANs, how must the uplink physical switch port be defined/configured?
    The ESX/ESXi host's uplink physical switch port must be defined/ configured as a static trunk port.
  16. How many VMware vSphere network policies are there and what are they?
    • The three network policies are:
    • 1. Security
    • 2. Traffic shaping
    • 3. NIC teaming
  17. At what level can VMware network policies be defined?
    VMware network policies can be defined at the standard virtual switch level. They can also be defined for a VMkernel port, a virtual machine port group, or a service console port (ESX only).
  18. Name the standard virtual switch port types a network policy can be defined for on an ESX host?
    • VMkernel port
    • individual port
    • machine port group
    • service console port
  19. Name the standard virtual switch port types a network policy can be defined for on an ESXi host?
    • VMkernel port
    • individual port
    • machine port group
  20. When different network policies are defined at the individual port or port group level and the entire standard virtual switch level which policy will be overriden?
    The standard virtual switch level policy will be overriden.
  21. What is a trunk port?
    A trunk port is a port on a physical Ethernet switch that is configured to send and receive packets tagged with a VLAN ID.
  22. What VLAN configuration is required in a virtual machine?
    No VLAN configuration is required in a virtual machine. In fact, the virtual machine does not know that it is connected to a VLAN.
  23. Name the three network security policy "Policy Exceptions".
    1. Promiscuous Mode - When set to Reject, placing a guest adapter in promiscuous mode has no effect on which frames are received by the adapter (default is Reject).

    2. MAC Address Changes - When set to Reject, if the guest attempts to change the MAC address assigned to the virtual NIC, it stops receiving frames (default is Accept).

    3. Forged Transmits - When set to Reject, the virtual NIC drops any frames that the guest sends, where the source address field contains a MAC address other than the assigned virtual NIC MAC address (default is Accept).
  24. When would you set the Promiscuous Mode network security "Policy Exception" to Accept?
    Set promiscuous Mode to Accept if you want to use an application in a virtual machine that analyzes or sniffs packets, such as a network-based intrusion detection system.
  25. When would you set the MAC Address Changes and Forged Transmits network security "Policy Exceptions" to Reject?
    Set MAC Address Changes and Forged Transmits network security "Policy Exceptions" to Reject to help protect against certain attacks launched by a rogue guest opertating system.
  26. When would you leave the MAC Address Changes and Forged Transmits network security "Policy Exceptions" at their default values (Accept)?
    Leave the MAC Address Changes and Forged Transmits at their default values (Accept) if your applications change the mapped MAC address, as do some guest operating system-based firewalls.
  27. Name the vClient steps/clicks to get to the network security policy Security Tab.
    • 1. Click the host's Configuration tab.
    • 2. Select the Networking link.
    • 3. Click Properties next to the virtual switch to be modified.
    • 4. In the vSwitch Properties dialog box, select the port group and click Edit.
    • 5. Click the Security tab.
  28. Traffic-Shaping Policy

    What is Network traffic shaping?
    Network traffic shaping is a mechanism for controlling a virtual machine's network bandwidth.
  29. Traffic-Shaping Policy

    How can a virtual machine's network bandwidth be controlled?
    A virtual machine's network banwidth can be controlled by enabling the network traffic shaper.
  30. Traffic-Shaping Policy

    The network traffic shaper, when used on a standard virtual switch, shapes outbound and inbound network traffic. True or False?

    If False, Why?
    False. An ESX/ESXi host's standard virtual switch shapes outbound network traffic only.
  31. Traffic-Shaping Policy

    What is the recommended to control inbound/shape traffic to an ESX/ESXi host's standard virtual switch?
    Use a load-balancing system, or turn on rate-limiting features on the physical router.
  32. Configuring Traffic Shaping

    Is Traffic shaping disabled or enabled by default?
    Traffic shaping is disabled by default.
  33. Configuring Traffic Shaping

    Traffic shaping parameters apply to each virtual NIC in the standard virtual switch. True or False?

    If False, Why?
    True.
  34. Configuring Traffic Shaping

    On a standard switch, traffic shaping controls outbound traffic only. True or False?

    If False, Why?
    True.
  35. Configuring Traffic Shaping

    The ESX/ESXi host shapes standard virtual switch traffic by establishing parameters for what three traffic characteristics?
    • 1. average bandwidth
    • 2. peak bandwidth
    • 3. burst size
  36. Configuring Traffic Shaping

    At what level can you establish a traffic-shaping policy?
    You can establish a traffic-shaping policy at either the virtual switch level or the port group level.
  37. Configuring Traffic Shaping

    Traffic shaping parameter settings at the virtual switch level override settings at the port group level. True or False?

    If False, Why?
    False. Traffic shaping parameter settings at the port group level always override virtual switch level settings.
  38. Configuring Traffic Shaping

    Name and define the ESX/ESXi host's standard virtual switch three Traffic Shaping "Policy Exceptions".
    • 1. Average Bandwidth - Establishes the number of kilobits per second to allow across a port, averaged over time. The average bandwidth is the allowed average load.
    • 2. Peak Bandwidth - The maximum number of kilobits per second to allow across a port when it is sending a burst of traffic. This tops the banwidth used by a port whenever the port is using its burst bonus.
    • 3. Burst Size - The maximum number of kilobytes to allow in a burst. If this parameter is se, a port might gain a burst bonus if it does not use all its allocated bandwidth.
  39. Configuring Traffic Shaping

    Name the measuerment specification for each of the following Traffic Shaping "Policy Exceptions"/charactersistic parameters:

    1. Average bandwidth
    2. Peak bandwidth
    3. Burst size
    • 1. Average bandwidth = kilobits per second (Kbps)
    • 2. Peak bandwidth = kilobits per second (Kbps)
    • 3. Burst size = kilobytes (KB)
  40. Traffic-Shaping Policy

    What is the formula for Burst Size?
    Burst size = bandwidth x time.
  41. NIC Teaming Policy

    What do NIC teaming policies allow you to determine/configure?
    NIC teaming policies allow you to determine/configure how network traffic is distributed between adapters and how to reroute traffic in the event of an adapter failure.
  42. NIC Teaming Policy

    Name the two network conditions that NIC teaming policies address.
    • 1. Load Balancing (outbound only).
    • 2. Network Failure Detection
  43. NIC Teaming Policy

    Default NIC teaming policies are set for the entire standard switch. True or False?

    If False, Why?
    True.
  44. NIC Teaming Policy

    Name the five NIC Teaming "Policy Exceptions" settings.
    • 1. Load Balancing
    • 2. Network Failover Detection
    • 3. Notiy Switches
    • 4. Failback
    • 5. Failover Order
  45. NIC Teaming Policy

    Port group NIC Teaming Policies override standard virtual switch NIC Teaming Policies. True or False?

    If False, Why?
    True.
  46. NIC Teaming Policy

    What are the 5 steps to modify NIC teaming policies for a port group.
    • 1. Click the ESX/ESXi host's Configuration tab.
    • 2. Click the Networking link.
    • 3. Click the Properties link next to the virtual switch on which the port group is located.
    • 4. Select the port group in the list of ports and click Edit.
    • 5. In the port group Properties window, click the NIC Teaming tab.
  47. Load-Balancing Method: Port ID-Based

    What is routing based on the originating port ID called?
    Routing based on the originating port ID is called virtual port ID load balancing.
  48. Load-Balancing Method: Port ID-Based

    With virtual port ID load balancing how is a virtual machine's outbound traffic mapped to physical NICs?
    With virtual port ID load balancing a virtual machines's outbound traffic is mapped to a specific physical NIC.
  49. Load-Balancing Method: Port ID-Based

    With virtual port ID load balancing how is the NIC a virtual machine's outbound traffic is mapped to determined?
    The NIC is determined by the ID of the virtual switch port to which the virtual machine is connected.
  50. Load-Balancing Method: Port ID-Based

    Virtual port ID load balancing is simple and fast and requires the VMkernel to examine the frame for necessary information. True or False?

    If False, Why?
    False. Virtual port ID load balancing is simple and fast and does not require the VMkernel to examine the frame for necessary information.
  51. Load-Balancing Method: Port ID-Based

    When the load is distributed in the NIC team using the port-based method, which (when does) single-NIC virtual machine gets more bandwidth than can be provided by a single physical adapter?
    No single-NIC virtual machine gets more bandwidth than can be provided by a single physical adapter
  52. Load-Balancing Method: Source MAC-Based

    With Source MAC hash-based load balancing how is a virtual machine's outbound traffic mapped to physical NICs?
    With Source MAC hash-based load balancing each virtual machines's outbound traffic is mapped to a specific physical NIC that is based on the virtual machine NIC's MAC address.
  53. Load-Balancing Method: Source MAC-Based

    Source MAC hash-based has low overhead, is compatible with all switches and spreads traffic evenly across the physical NICs. True or False?

    If False, Why?
    False. Source MAC hash-based has low overhead and is compatible with all switches but it might not spread traffic evenly across the physical NICs.

    Don't use this method - not recommended.
  54. Load-Balancing Method: Source MAC-Based

    When the load is distributed in the NIC team using the MAC-based method, no single-NIC virtual machine gets more bandwidth than can be provided by a single physical adapter. True or False?

    If False, Why?
    True.
  55. Load-Balancing Method: Source IP-Based

    With Source IP hash-based load balancing how is a virtual machine's outbound traffic mapped to physical NICs?
    With Source IP hash-based load balancing a physical NIC for each virtual machine's outbound packet is chosen based on its source and destination IP address.
  56. Load-Balancing Method: Source IP-Based

    Source IP hash-based load balancing has lower CPU overhead and better distribution of traffic across physical NICs. True or False?

    If False, Why?
    False. Source IP hash-based load balancing does have better distribution of traffic across physical NICs but has higher CPU overhead.
  57. Load-Balancing Method: Source IP-Based

    What "IEEE standard" or "Cisco" switch port technology does the Source IP-Based load balancing method require on the physical switch?
    IEEE 802.3ad link aggregation control protocol (LACP) support

    Cisco EtherChannel port trunking
  58. Load-Balancing Method: Source IP-Based

    When the load is distributed in the NIC team using the Source IP hash-based load balancing method, no single-NIC virtual machine gets more bandwidth than can be provided by a single physical adapter. True or False?

    If Fase, Why?
    False. When the load is distributed in the NIC team using the IP-based method, a single-NIC virtual machine might use the bandwidth of multiple physical adapters.
  59. Load-Balancing Method: Source IP-Based

    With Source IP hash-based load balancing, when one virtual machine communicates to different clients, how is the virtual machine's outbound traffic mapped to physical NICs?
    When one virtual machine communicates to different clients, it chooses different phyiscal NICs.
  60. Detecting and Handling Network Failure

    What can the VMkernel use to detect a network failure?
    The VMkernel can use link status or beaconing or both to detect a network failure.
  61. Detecting and Handling Network Failure

    What ESX/ESXi component monitors and detects network failure?
    Network failure is detected by the VMkernel, which monitors:

    • Link state only
    • Link state plus deaconing (do not turn on unless advised by switch vendor).
  62. Detecting and Handling Network Failure

    What condition does the VMkernel monitor and what network device provides the condition which enables the VMkernel to detect network failure?
    The VMkernel monitors the link status provided by the network adapter to detect failures like cable pulls and physical switch power failures.
  63. Detecting and Handling Network Failure

    What network adapter conditions can the VMkernel use/monitor to detect a network failure?
    The VMkernel can use link status or beaconing or both to detect a network failure.
  64. Detecting and Handling Network Failure

    The VMkernel can detect configuration errors like a physical switch port that is blocked by a spanning tree or misconfigured to the wrong VLAN and cable pulls or link failures on the upstream side of the physical switch. True or False?

    If False, Why?
    Fase. The VMkernel can not detect configuration errors or cable pulls or link failures on the upstream side of the physical switch.
  65. Detecting and Handling Network Failure

    Beaconing introduces a load of a ___ packet approximately every __ seconds per physical NIC.
    Beaconing introduces a load of a 62-byte packet approximately every 10 seconds per physical NIC.
  66. Detecting and Handling Network Failure

    When beaconing is activated, what does the VMkernel send out and listen for?
    When beaconing is activated, the VMkernel sends out and listens for probe packets on all NICs in the NIC team.
  67. Detecting and Handling Network Failure

    What NIC Teaming Policy technique can detect failures that link-status monitoring alone cannot?
    Beaconing.

    Beaconing introduces a load of a 62-byte packet approximately every 10 seconds per physical NIC - when activated, the VMkernel sends and listens for probe packets on all NICs in the NIC team. You should consult your switch manufacturer to confirm the benefit of configuring beaconing in your environment.
  68. Detecting and Handling Network Failure

    What NIC Teaming Policy "Policy Exception" when set to "yes" will cause a physical switch to be notified by the VMkernel whenever a virtual NIC is connected to a virtual switch?
    Notify Switches

  69. Detecting and Handling Network Failure

    A physical switch can not be notified whenever a failover event causes a virtual NICs traffic to be routed over a different physical NIC. True or False?

    If False, Why?
    False.

    When the NIC Teaming Policy Notify Switches "Policy Exception" is set to "yes" a physical switch can be notified whenever a failover event causes a virtual NICs traffic to be routed over a different physical NIC. The notification is sent out over the network to update the lookup tables on physical switches.
  70. Detecting and Handling Network Failure

    In most cases, the NIC Teaming Policy "Notify Switches" "Policy Execption" notification process is desirable because otherwise virtual machines would experience greater latency after failovers and vMotion operations. True or False?

    If False, Why?
    True.
  71. Detecting and Handling Network Failure

    When virtual machines connected to a port group are running unicast-mode Microsoft Network Load Balancing, what NIC Teaming Policy "Policy Execption" option should not be set?
    Notify Switches.
  72. Detecting and Handling Network Failure

    Virtual machines running Microsoft Network Load Balancing in multicast-mode connected to a port group are not affected by the NIC Teaming Policy "Policy Execption" Notify Switches option setting. True or False?

    If False, Why?
    True.
  73. Detecting and Handling Network Failure

    When using NIC Teaming Policy explict failover order option, you should always use the highest order uplink from the list of active adapters that pass failover-detection criteria. True or False?

    If False, Why?
    True.
  74. Detecting and Handling Network Failure

    What NIC Teaming Policy "Policy Exception" option determines how a physical adapter is returned to active duty after recovering from a failure?
    The Failback option.
  75. Detecting and Handling Network Failure


    If the Failback NIC Teaming Policy "Policy Exception" is set to NO, the failed adapter is returned to active duty immediately upon recovery, displacing the standby adapter that took its place at the time of failure. True or False?

    If False, Why?
    False. If the Failback NIC Teaming Policy "Policy Exception" is set to YES, the failed adapter is returned to active duty immediately upon recovery, displacing the standby adapter that took its place at the time of failure.
  76. Detecting and Handling Network Failure

    If the Failback NIC Teaming Policy "Policy Exception" option is set to YES, a failed adapter is left inactive even after recovery, until another currently active adapter fails, requiring its replacement. True or False?

    If False, Why?
    False. If the Failback NIC Teaming Policy "Policy Exception" option is set to NO, a failed adapter is left inactive even after recovery, until another currently active adapter fails, requiring its replacement.

What would you like to do?

Home > Flashcards > Print Preview