Earlier this week I needed test something which required a VMware Distributed Virtual Switch (VDS) and this had to be a physical setup, so Nested ESXi was out of the question. I could have used my remote lab, but given what I was testing was a bit "experimental", I prefered using my home lab in the event I need direct console access. At home, I run ESXi on a single Apple Mac Mini and one of the challenges with this and other similar platforms (e.g. Intel NUC) is that they only have a single network interface. As you might have guessed, this is a problem when looking to migrate from a Virtual Standard Switch (VSS) to VDS, as it requires at least two NICS.

Unfortunately, I had no other choice and needed to find a solution. After a couple minutes of searching around the web, I stumbled across this serverfault thread here which provided a partial solution to my problem. In vSphere 5.1, we introduced a new feature which would automatically roll back a network configuration change if it negatively impacted network connectivity to your vCenter Server. This feature could be disabled temporarily by editing the vCenter Server Advanced Setting (config.vpxd.network.rollback) which would allow us to by-pass the single NIC issue, however this does not solve the problem entirely. What ends up happening is that the single pNIC is now associated with the VDS, but the VM portgroups are not migrated and the reason that this is problematic is that the vCenter Server is also running on the ESXi host which it is managing and has now lost network connectivity 🙂

I lost access to my vCenter Server and even though I could connect directly to the ESXi host, I was not able to change the VM Network to the Distributed Virtual Portgroup (DVPG). This is actually an expected behavior and there is an easy work around, let me explain. When you create a DVPG, there are three different bindings: Static, Dynamic, and Ephemeral that can be configured and by default, Static binding is used. Both Static and Dynamic DVPGs can only be managed through vCenter Server and because of this, you can not change the VM network to a non-Ephemeral DVPG and in fact, it is not even listed  when connecting to the vSphere C# Client. The simple work around is to create a DVPG using the Ephemeral binding and this will allow you to then change the VM network of your vCenter Server and is the last piece to solving this puzzle.

Disclaimer: This is not officially supported by VMware, please use at your own risk.

Here are the exact steps to take if you wish to migrate an ESXi host with a single NIC from a VSS to VDS and running vCenter Server:

Step 1 - Change the following vCenter Server Advanced Setting config.vpxd.network.rollback to false:

Note: Remember to re-enable this feature once you have completed the migration

Step 2 - Create a new VDS and the associated Portgroups for both your VMkernel interfaces and VM Networks. For the DVPG which will be used for the vCenter Server's VM network, be sure to change the binding to Ephemeral before proceeding with the VDS migration.

Step 3 - Proceed with the normal VDS Migration wizard using the vSphere Web/C# Client and ensure that you perform the correct mappings. Once completed, you should now be able connect directly to the ESXi host using either the vSphere C# Client or ESXi Embedded Host Client to confirm that the VDS migration was successful as seen in the screenshot below.

Note: If you forgot to perform Step 2 (which I initially did), you will need to login to the DCUI of your ESXi host and restore the networking configurations.

Step 4 - The last and final step is to change the VM network for your vCenter Server. In my case, I am using the VCSA and due to a bug I found in the Embedded Host Client, you will need to use the vSphere C# Client to perform this change if you are running VCSA 6.x. If you are running Windows VC or VCSA 5.x, then you can use the Embedded Host Client to modify the VM network to use the new DVPG.

Once you have completed the VM reconfiguration you should now be able to login to your vCenter Server which is now connected to a DVPG running on a VDS which is backed by a single NIC on your ESXi host 😀

There is probably no good use case for this outside of home labs, but I was happy that I found a solution and hopefully this might come in handy for others who might be in a similar situation and would like to use and learn more about VMware VDS.

20 thoughts on “Migrating ESXi to a Distributed Virtual Switch with a single NIC running vCenter Server

  1. The dvSwitch wizard in NGC gives you the option to move the vmkernel and VM portgroups at the same time

  2. I’m aware of that 🙂 I’ve used the wizard on several occasions, however as mentioned in the article, VM portgroups are NOT migrated. I suspect the reason is there’s a tiny blip in network connection when the VMkernel interfaces are migrated and VC does not actually get the last request to also move the VM portgroups (that’s my guess).

  3. Thanks a lot. Not so much time ago I suffered from this issue. Finally completed my objective with connecting additional nic but your article makes it so simple, thanks again and sorry for my poor English.

  4. Every time I come across your site I get a slap in the face: “of course, that’s how you do it!” and get reminded to visit more often for great tips. I will try this in my homelab on my 2 old Supermicro servers with only 1 NIC. Thanks!

  5. Dude, …. You literally would have saved me 2 hours of rolling back through ESXi console after messing around with this on single nics blades I had to create a VDS for. I got until the ephemereal part at which stage network went bananas. You sorted out for me the next steps and will retry this.


  6. Me and my Intel NUC home lab thank you. Not being able to have distributed vswitches really limited my testing.

  7. I have to say so many times when I try to google a hack out of net I was guided here… Thanks man. As working on virtualized cisco + vmware, you really play it well.

  8. Of course in my conversion I went gang busters and saved the vCenter server for last. No biggie, just added temp port group with binding mode ephemeral, migrated there, and then on step three proceeded normally by logging into the host and modifying the VMK to move it to the existing port group that had all of the migrated VMs in it.
    Top Notch!!

Thanks for the comment!

This site uses Akismet to reduce spam. Learn how your comment data is processed.