6.5.1
Table Of Contents
- vSphere Networking
- Contents
- About vSphere Networking
- Updated Information
- Introduction to Networking
- Setting Up Networking with vSphere Standard Switches
- Setting Up Networking with vSphere Distributed Switches
- vSphere Distributed Switch Architecture
- Create a vSphere Distributed Switch
- Upgrade a vSphere Distributed Switch to a Later Version
- Edit General and Advanced vSphere Distributed Switch Settings
- Managing Networking on Multiple Hosts on a vSphere Distributed Switch
- Tasks for Managing Host Networking on a vSphere Distributed Switch
- Add Hosts to a vSphere Distributed Switch
- Configure Physical Network Adapters on a vSphere Distributed Switch
- Migrate VMkernel Adapters to a vSphere Distributed Switch
- Create a VMkernel Adapter on a vSphere Distributed Switch
- Migrate Virtual Machine Networking to the vSphere Distributed Switch
- Use a Host as a Template to Create a Uniform Networking Configuration on a vSphere Distributed Switch
- Remove Hosts from a vSphere Distributed Switch
- Managing Networking on Host Proxy Switches
- Distributed Port Groups
- Working with Distributed Ports
- Configuring Virtual Machine Networking on a vSphere Distributed Switch
- Topology Diagrams of a vSphere Distributed Switch in the vSphere Web Client
- Setting Up VMkernel Networking
- VMkernel Networking Layer
- View Information About VMkernel Adapters on a Host
- Create a VMkernel Adapter on a vSphere Standard Switch
- Create a VMkernel Adapter on a Host Associated with a vSphere Distributed Switch
- Edit a VMkernel Adapter Configuration
- Overriding the Default Gateway of a VMkernel Adapter
- Configure the VMkernel Adapter Gateway by Using ESXCLI
- View TCP/IP Stack Configuration on a Host
- Change the Configuration of a TCP/IP Stack on a Host
- Create a Custom TCP/IP Stack
- Remove a VMkernel Adapter
- LACP Support on a vSphere Distributed Switch
- Convert to the Enhanced LACP Support on a vSphere Distributed Switch
- LACP Teaming and Failover Configuration for Distributed Port Groups
- Configure a Link Aggregation Group to Handle the Traffic for Distributed Port Groups
- Edit a Link Aggregation Group
- Enable LACP 5.1 Support on an Uplink Port Group
- Limitations of the LACP Support on a vSphere Distributed Switch
- Backing Up and Restoring Networking Configurations
- Rollback and Recovery of the Management Network
- Networking Policies
- Applying Networking Policies on a vSphere Standard or Distributed Switch
- Configure Overriding Networking Policies on Port Level
- Teaming and Failover Policy
- VLAN Policy
- Security Policy
- Traffic Shaping Policy
- Resource Allocation Policy
- Monitoring Policy
- Traffic Filtering and Marking Policy
- Traffic Filtering and Marking on a Distributed Port Group or Uplink Port Group
- Enable Traffic Filtering and Marking on a Distributed Port Group or Uplink Port Group
- Mark Traffic on a Distributed Port Group or Uplink Port Group
- Filter Traffic on a Distributed Port Group or Uplink Port Group
- Working with Network Traffic Rules on a Distributed Port Group or Uplink Port Group
- Disable Traffic Filtering and Marking on a Distributed Port Group or Uplink Port Group
- Traffic Filtering and Marking on a Distributed Port or Uplink Port
- Enable Traffic Filtering and Marking on a Distributed Port or Uplink Port
- Mark Traffic on a Distributed Port or Uplink Port
- Filter Traffic on a Distributed Port or Uplink Port
- Working with Network Traffic Rules on a Distributed Port or Uplink Port
- Disable Traffic Filtering and Marking on a Distributed Port or Uplink Port
- Qualifying Traffic for Filtering and Marking
- Traffic Filtering and Marking on a Distributed Port Group or Uplink Port Group
- Manage Policies for Multiple Port Groups on a vSphere Distributed Switch
- Port Blocking Policies
- Isolating Network Traffic by Using VLANs
- Managing Network Resources
- DirectPath I/O
- Single Root I/O Virtualization (SR-IOV)
- SR-IOV Support
- SR-IOV Component Architecture and Interaction
- vSphere and Virtual Function Interaction
- DirectPath I/O vs SR-IOV
- Configure a Virtual Machine to Use SR-IOV
- Networking Options for the Traffic Related to an SR-IOV Enabled Virtual Machine
- Using an SR-IOV Physical Adapter to Handle Virtual Machine Traffic
- Enabling SR-IOV by Using Host Profiles or an ESXCLI Command
- Virtual Machine That Uses an SR-IOV Virtual Function Fails to Power On Because the Host Is Out of Interrupt Vectors
- Remote Direct Memory Access for Virtual Machines
- Jumbo Frames
- TCP Segmentation Offload
- Enable or Disable Software TSO in the VMkernel
- Determine Whether TSO Is Supported on the Physical Network Adapters on an ESXi Host
- Enable or Disable TSO on an ESXi Host
- Determine Whether TSO Is Enabled on an ESXi Host
- Enable or Disable TSO on a Linux Virtual Machine
- Enable or Disable TSO on a Windows Virtual Machine
- Large Receive Offload
- Enable Hardware LRO for All VMXNET3 Adapters on an ESXi Host
- Enable or Disable Software LRO for All VMXNET3 Adapters on an ESXi Host
- Determine Whether LRO Is Enabled for VMXNET3 Adapters on an ESXi Host
- Change the Size of the LRO Buffer for VMXNET 3 Adapters
- Enable or Disable LRO for All VMkernel Adapters on an ESXi Host
- Change the Size of the LRO Buffer for VMkernel Adapters
- Enable or Disable LRO on a VMXNET3 Adapter on a Linux Virtual Machine
- Enable or Disable LRO on a VMXNET3 Adapter on a Windows Virtual Machine
- Enable LRO Globally on a Windows Virtual Machine
- NetQueue and Networking Performance
- vSphere Network I/O Control
- About vSphere Network I/O Control Version 3
- Upgrade Network I/O Control to Version 3 on a vSphere Distributed Switch
- Enable Network I/O Control on a vSphere Distributed Switch
- Bandwidth Allocation for System Traffic
- Bandwidth Allocation for Virtual Machine Traffic
- About Allocating Bandwidth for Virtual Machines
- Bandwidth Allocation Parameters for Virtual Machine Traffic
- Admission Control for Virtual Machine Bandwidth
- Create a Network Resource Pool
- Add a Distributed Port Group to a Network Resource Pool
- Configure Bandwidth Allocation for a Virtual Machine
- Configure Bandwidth Allocation on Multiple Virtual Machines
- Change the Quota of a Network Resource Pool
- Remove a Distributed Port Group from a Network Resource Pool
- Delete a Network Resource Pool
- Move a Physical Adapter Out the Scope of Network I/O Control
- Working with Network I/O Control Version 2
- MAC Address Management
- Configuring vSphere for IPv6
- Monitoring Network Connection and Traffic
- Capturing and Tracing Network Packets by Using the pktcap-uw Utility
- pktcap-uw Command Syntax for Capturing Packets
- pktcap-uw Command Syntax for Tracing Packets
- pktcap-uw Options for Output Control
- pktcap-uw Options for Filtering Packets
- Capturing Packets by Using the pktcap-uw Utility
- Trace Packets by Using the pktcap-uw Utility
- Configure the NetFlow Settings of a vSphere Distributed Switch
- Working With Port Mirroring
- vSphere Distributed Switch Health Check
- Switch Discovery Protocol
- Capturing and Tracing Network Packets by Using the pktcap-uw Utility
- Configuring Protocol Profiles for Virtual Machine Networking
- Multicast Filtering
- Stateless Network Deployment
- Networking Best Practices
What to do next
If the contents of the packet are saved to a file, copy the file from the ESXi host to the system that runs a
graphical analyzer tool, such as Wireshark, and open it in the tool to examine the packet details.
Capture Packets at DVFilter Level
Examine how packets change when they pass through a vSphere Network Appliance (DVFilter).
DVFilters are agents that reside in the stream between a virtual machine adapter and a virtual switch.
They intercept packets to protect virtual machines from security attacks and unwanted traffic.
Procedure
1 (Optional) To find the name of the DVFilter that you want to monitor, in the ESXi Shell, run the
summarize-dvfilter command.
The output of the command contains the fast-path and slow-path agents of the DVFilters that are
deployed on the host.
2 Run the pktcap-uw utility with the --dvfilter dvfilter_name argument and with options to
monitor packets at a particular point, filter captured packets and save the result to a file.
pktcap-uw --dvFilter dvfilter_name --capture PreDVFilter|PostDVFilter [filter_options] [--outfile
pcap_file_path [--ng]] [--count number_of_packets]
where the square brackets [] enclose optional items of the pktcap-uw --dvFilter vmnicX
command and the vertical bars | represent alternative values.
a Use the --capture option to monitor packets before or after the DVFilter intercepts them.
pktcap-uw Command Option Goal
--capture PreDVFilter
Capture packets before they enter the DVFilter.
--capture PostDVFilter
Capture packets after they leave the DVFilter.
b Use a filter_options to filter packets according to source and destination address, VLAN ID,
VXLAN ID, Layer 3 protocol, and TCP port.
For example, to monitor packets from a source system that has IP address 192.168.25.113, use
the --srcip 192.168.25.113 filter option.
c Use options to save the contents of each packet or the contents of a limited number of packets to
a .pcap or .pcapng file.
n
To save packets to a .pcap file, use the --outfile option.
n
To save packets to a .pcapng file, use the --ng and --outfile options.
You can open the file in a network analyzer tool such as Wireshark.
By default, the pktcap-uw utility saves the packet files to the root folder of the ESXi file system.
d Use the--count option to monitor only a number of packets.
vSphere Networking
VMware, Inc. 230