Updated: The Horror of Bogus “Pass4Sure” Testkits…

Posted on Posted in Teknocratica, VMware 2 Comments Tagged with , ,

As part of last-ditch effort to cram my brain with all things vSphere-related prior to my VCP5 exam, I ran into an online test available at Pass4Test.com. Wow – what a disaster!

This test is for vCloud but has a couple vSphere questions in it. Here is a sample question:

NO.5 On which two vSphere elements can traffic shaping be configured? (Choose two.)
A. On a vSphere Distributed Switch dvPort for inbound and/or outbound traffic
B. On a vSphere Distributed Switch for inbound and/or outbound traffic
C. On a vSphere Standard Switch port group or the entire vSwitch for inbound traffic
D. On a vSphere Standard Switch port group or the entire vSwitch for inbound and outbound traffic
Answer: A,B

Now…there is just one teensy little problem. They are wrong. Flat out, irretrievably, fail-the-test-now wrong. Read on for the Truth…

The problem is this: Of the possible answers – only “A” *could* be correct. Both C & D are wrong as they reference standard switches and inbound (ingress) traffic – standard switches do not support traffic shaping on inbound traffic. But – “B” is wrong, too. Why? Because you do not set traffic shaping on the distributed switch. You can set it on the *portgroup* for the distributed switch. Or, you can set it on the *port* within the distributed switch. But it is wrong to say you set traffic shaping on a distributed switch itself.

Traffic shaping is an interesting topic. You can shape traffic for Standard Switch or for Distributed Switch *portgroups* or *ports* (except for uplinks). But you cannot set traffic shaping for the “distributed switch” itself.

Standard Switch

First, get to the selection by going to Host -> Configuration -> Networking -> vSphere Standard Switch and then “Properties” for the standard switch.

vsphere_std_switch_properties

Traffic Shaping can be set for the following:

  • Standard Switch – Click on the “vSwitch” element (top of the list in the selection box) and click “Edit” – from there you can get to the Traffic Shaping tab.
  • Standard Switch Portgroup – Click on any portgroup such as the “VM Network” shown above. Then click the Traffic Shaping tab.

For both of these, the traffic shaping dialog is identical:

vsphere_std_switch_traffic_shape

Distributed Switch

According to the Pass4Test genius who stolewrote the sample questions, I should be able to set traffic shaping on the entire distributed switch. But…you cannot. In fact, here are the properties for DvS (Distributed vSwitch):
vsphere_dvs_props

Lots of good things to set! PVLAN, NetFlow (for traffic monitoring across hosts), Health Check (verify that all MTUs / VLANs / Teaming Policies match across hosts) – yes, we can set those. (Keep in mind; Health Check is one of those things like SSO Admin that is available only within the Web Client.) However, one thing conspicuous by its absence: Traffic Shaping.

Of course, we can use Traffic Shaping at the dvPg (Distributed vSwitch Portgroup) level. Just like within the vSphere Client, the Web Client gives us the ability to select a dvPg and set the Traffic Shaping (just slightly different from vSphere Client):
vsphere_dvs_pg_traffic

We can also set Traffic Shaping at the individual port level – this is different from the Standard Switch which only allows Traffic Shaping settings down to the portgroup. So…I can select, say, a vMotion port and set Traffic Shaping for it as shown below:
vsphere_dvs_pgport_traffic

Note above that – for Distributed Switches only – you can set both ingress and egress filtering. For a standard switch, you can only shape outbound traffic.

One thing I didn’t mention: for Distributed Switches, you have the ability to indicate which policies can be overridden. The following shot shows how this works within the Web Client for a Distributed Switch Portgroup – denying override will affect all ports within that portgroup.
vsphere_network_policy_overrides

To Sum Up…

Here is the truth about Traffic Shaping:

  • At the Standard Switch – Applies to all portgroups within that switch.
  • At the Standard Switch Portgroup – Applies to all ports within that portgroup.
  • At the Distributed Portgroup – Applies to all portgroups except for uplink portgroups. I didn’t cover uplink portgroups above, but they are a special case…the Traffic Shaping tab appears for them but it is always disabled.
  • At the Distributed Port – If the distributed portgroup permits the policy to be overridden, you can set Traffic Shaping at the port level.

So why am I going to all of this trouble (not to mention screenshots) to point out that the Pass4Test folks have a mistake? Because it points out the raw, unvarnished truth that certification is primarily about making $$ from network engineers. There is an entire large industry built around stolen exam questions (not just for the VCP exam – all of them). And the hysterical nature of most computing positions means that some poor slob is told “You Need to Get This Cert in Two Weeks!!” and – of course – will look for a way to bypass the thousands of pages and hundreds of hours required for study.

I think it’s a shame.

About

Team-oriented systems mentor with deep knowledge of numerous software methodologies, technologies, languages, and operating systems. Excited about turning emerging technology into working production-ready systems. Focused on moving software teams to a higher level of world-class application development. Specialties:Software analysis and development...Product management through the entire lifecycle...Discrete product integration specialist!

2 Comments on “Updated: The Horror of Bogus “Pass4Sure” Testkits…

  1. Dear Andrew
    I apologize for letting you believe that you are wrong. I am just bringing your attention to the question itself and the way it has been asked.

    Firstly you did not post my comment which is very poor of you. Let the readers be the judge!

    Secondly, LOGIC 101: you have to have the vDS to be able to do Bi-directional traffic shaping, I understand that traffic shaping is configured at the DV Port Group level but if you do not have vDS you cannot have DV Port Groups.
    Below is an extract from: http://www.vmware.com/files/pdf/VMW_09Q1_WP_vSphereNetworking_P8_R1.pdf
    “Bi-directional Traffic Shaping
    vDSexpands up on the egress only traffic shaping feature of Standard Switches with bi-directional traffic shaping capabilities.
    Egress (fromVMto network) and now ingress (from network intoVM)traffic shaping policies can now be applied on DV PortGroup Definitions.”

    I DO NOT HAVE ANY ASSOCIATION WITH THE COMPANY WHATSOEVER AND FOR THE FIRST TIME HEARD OF THEM THROUGH YOU POST.

    Now SHAME is on you for not reading and understanding the question properly AND not posting my comment and not allowing the reader to be the judge.

    This is the end of argument.

    Best regards
    Seerman

    Reply

    • Seerman – I do thank you for taking the time to read the post and to provide your thoughts…please take my original response as misplaced anger at finding quite a few bad question sites on the net.

      Mainly this post was a good way for me to get the various differences between standard / distributed switches clear in my mind especially relating to traffic shaping. I hope between it, the excellent VMware docs, and reader comments that aspiring VCPs will find it useful.

      Thanks again…

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

*