For other 5.1 deep dives:

  • Distributed Virtual Port Group Separation for management domain appliances

That’s a mouthful.

Today, the management components reside on a subnet/vlan that is shared with the management ESXi hosts vmk0 interface. We are changing this.

This feature enables the traffic isolation between management VMs (i.e., SDDC Manager, NSX Managers, vCenter, VxRail Manager & Edge Node VM) and the ESXi Management VMK interface.

During VCF bringup, there is an additional field (VM Management Network) in the deployment spreadsheet to configure this portgroup, it looks like this:

This is also configurable using a json, an additional networkType has been created called VM_MANAGEMENT

If this is not defined, the portgroup will still be created – using the values of the Management Network (ESXi vmk0 portgroup).

So what about existing deployments upgraded to 5.1?

Applying the 5.1 configuration drift will create another distributed portgroup and move all VMs connected to the original Management Portgroup, the information used to create this portgroup is replicated from the existing portgroup. There is no option to change this to a different VLAN/subnet as that would require IP changes, something we do not support. The name of this newly created portgroup will be what the management portgroup is named with the DVPG suffix.