VMware vSphere and IPv6: A Good Match?
Rick Vanover says you should consider disabling the protocol on vSphere.
- By Rick Vanover
- 09/15/2014
Have you ever tried to ping a system by name and have it not work? Specifically, you get a reply from an IPv6 address. You may wonder what you did wrong. As long as I've been virtualizing, I've been getting better and better with DNS, but still find that sometimes things don't quite working as expected. This is especially the case when I bring in different client systems (such as my Microsoft Surface that I use for a full docket of work when I travel), or perform certain administration tasks which may use the vSphere Web Client.
This made me think about IPv6 in general for data center systems. First, it's important to distinguish between datacenter systems and Internet-facing systems. I figured we'd be out of IPv4 addresses on the Internet by now, but in my data center I have plenty of private IPv4 addresses. So the core issue is whether vSphere systems (vCenter Server, ESXi hosts and so on) should have IPv6 configured.
I'd argue that you shouldn't have IPv6 enabled for installations in the data center where IPv4 is the intended and primary protocol. vSphere isn't fully ready for IPv6 for all components, but many datacenters don't require IPv6 for usage. The primary reason is supportability -- I'm comfortable supporting and troubleshooting IPv4, but can't say the same for IPv6.
What concerns me is that vSphere environments may have some traffic intended for transport over IPv4, but may actually travel over IPv6. Because of that issue in the context of troubleshooting, I'd suggest that IPv6 be disabled on key vSphere components (unless, of course, it's required).
Both the ESXi hosts and vCenter Server appliance have IPv6 enabled by default. If vCenter Server is installed as an application in Windows, the operating system configuration status will dictate if IPv6 is used. Figure 1 shows how an individual host can have the IPv6 stack configured.
The wild-card factor with IPv6 is some of the automatic name resolution techniques, so ensure that DNS and broadcast mechanisms are either configured or disabled to specific requirements.
This should also impact how vSphere administrators provision client systems and their network configuration, as well as their name resolution. Today, however, things are a bit different; networks have many different client systems or types of devices connecting, and in many cases those systems and devices are performing administrative tasks. Consider the example where I was connecting to the vSphere Web Client from a Surface tablet: this is a device for which I'm not so particular on my IPv4 vs. IPv6 configuration. At least, until I need to troubleshoot.
What's your stance on IPv6 for vSphere systems? I think this is a good case for managing host configuration through vSphere Host Profiles and configuring the vCenter Server host operating system to not use it IPv6. Share your IPv6 management strategies below.
About the Author
Rick Vanover (Cisco Champion, Microsoft MVP, VMware vExpert) is based in Columbus, Ohio. Vanover's experience includes systems administration and IT management, with virtualization, cloud and storage technologies being the central theme of his career recently. Follow him on Twitter @RickVanover.