It is time to compare some of the networking features of Hyper-V and VMware vSphere. Networking is one of the key elements of a Private Cloud. It is important to have a simple and scalable network infrastructure which is fast and secure. That’s why Microsoft invested into Hyper-V networking with creating features like built in NIC teaming, Network Virtualization and other security and offloading features.
- SR-IOV Support – Single-root I/O virtualization supports native IOV in existing single root complex PCI-E topologies. It requires support for new device capabilities to configure multiple virtualized configuration spaces.
- Network Virtualization
- PVLAN support – Provide isolation between two virtual machines on the same VLAN
- Dynamic Virtual Machine Queue (D-VMQ) – D-MVQ will dynamically span processing Virtual Machine Queue traffic across multiple CPUs.
- DHCP Guard – Protects the environment from DHCP servers installed in a virtual machine
- Router Guard – Protects the environment from router advertisement installed in a virtual machine
- Port mirroring
- Port ACLs – isolation of network traffic for virtual network adapters and virtual ports.
- VLAN Trunk mode – Allows directing traffic from a group of VLANs to a specific VM
- IPsec Task offload – Allows to offload IPsec traffic to the physical network adapter
- Integrated Network Adapter Teaming
- The maximum size of a physical disk in attached to a Hyper-V virtual machine is determined by the guest operating system and the chosen file system within the guest
- vStorage API for Multipathing (VAMP) is only available in Enterprise & Enterprise Plus editions of vSphere 5.0
- vStorage API for Array Integration (VAAI) is only available in Enterprise & Enterprise Plus editions of vSphere 5.0
- VMware documentation does not suggests that their respective platforms support 4K Advanced Format Drives
Capability | Windows Server 2012 RC Hyper-V | VMware vSphere Hypervisor | VMware vSphere 5.0 Enterprise Plus |
Extensible Switch | Yes | No | Replaceable |
Available Partner Extensions | 4 | No | 2 |
PVLAN Support | Yes | No | Yes |
ARP/ND Spoofing Protection | Yes | No | vShield App/Partner |
DHCP Snooping Protection | Yes | No | vShield App/Partner |
Virtual Port ACLs | Yes | No | vShield App/Partner |
Trunk Mode to Virtual Machines | Yes | No | No |
Port Monitoring | Yes | Per Port Group | Yes |
Port Mirroring | Yes | Per Port Group | Yes |
Dynamic Virtual Machine Queue | Yes | NetQueueC | NetQueue |
IPsec Task Offload | Yes | No | No |
SR-IOV | Yes | DirectPath I/O | DirectPath I/O |
Network Virtualization | Yes | No | Partner |
- The vSphere Distributed Switch (required for PVLAN capability) is available only in the Enterprise Plus edition of vSphere 5.0 and thus far, seems to be replaceable (By Partners such as Cisco/IBM) rather than extensible.
- ARP Spoofing, DHCP Snooping Protection & Virtual Port ACLs require either vShield App or a Partner solution, all of which are additional purchases on top of vSphere 5.0 Enterprise Plus
- Port Monitoring and Mirroring at a granular level requires vSphere Distributed Switch, which is available in the Enterprise Plus edition of vSphere 5.0.
- Dynamic Virtual Machine Queue (DVMQ) is not supported by either XenServer or vSphere, which both support regular VMq (known as NetQueue on vSphere).
-
DirectPath IO, whilst not identical to SR-IOV, aims to provide virtual machines with more direct access to hardware devices, with network cards being a good example. Whilst on the surface, this will boost VM networking performance, and reduce the burden on host CPU cycles, in reality, there are a number of caveats in using DirectPath I/O:
- Very small Hardware Compatibility List
- No Memory Overcommit
- No vMotion (unless running certain configurations of Cisco UCS)
- No Fault Tolerance
- No Network I/O Control
- No VM Snapshots (unless running certain configurations of Cisco UCS)
- No Suspend/Resume (unless running certain configurations of Cisco UCS)
- No VMsafe/Endpoint Security support
- No such restrictions are imposed when using SR-IOV, ensuring customers can combine the highest levels of performance with the flexibility they need for an agile infrastructure.
Sources:
- TechEd session “VIR311 – Compete to Win | Part I: Comparing Core Virtualization Platforms” from Matt McSpirit (@mattmcspirit)
- http://www.vmware.com/products/cisco-nexus-1000V/overview.html,
- http://www-03.ibm.com/systems/networking/switches/virtual/dvs5000v/,
- http://www.vmware.com/technical-resources/virtualization-topics/virtual-networking/distributed-virtual-switches.html,
- http://www.vmware.com/products/vshield-app/features.html
- http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9902/data_sheet_c78-492971.html
- http://www.vmware.com/pdf/Perf_Best_Practices_vSphere5.0.pdf
Check out my Blog post Hyper-V 2012 – Hey I Just Met You And This Is Crazy for more information about the latest version of Hyper-V.
Tags: Hyper-V, Microsoft, Network, Networking, Virtual Machine, VMQ, VMware, vSphere, Windows Server, Windows Server 2012 Last modified: July 2, 2012
could you provide some sample pictures of how the virtual network designer looks like? Is it possible to design complex networks? Where would you personally see the limits/border of the virtual network design or when would you switch to changing the physical design of your cloud?
You can find some sample pictures here:
https://www.thomasmaurer.ch/2012/06/system-center-2012-sp1-ctp2-virtual-machine-manager-improvements-1/
http://blogs.technet.com/cfs-filesystemfile.ashx/__key/communityserver-blogs-components-weblogfiles/00-00-00-62-43-metablogapi/3482.image_5F00_8.png
http://4.bp.blogspot.com/_kqRKLLdia-M/Ssmm_58RcoI/AAAAAAAABQI/z8WIuj5gVeA/s400/7.jpg
I would recommend you reading the article about Network Virtualization which will be included in Windows Server 2012 http://social.technet.microsoft.com/wiki/contents/articles/11524.windows-server-2012-hyper-v-network-virtualization-survival-guide.aspx