ESXI 6.5 vSwitch vs PCI-passthrough for nics

GPz1100

I spent the last few hours reading threads about the topic and am no better off than when I started.

I understand with pci passthrough, the vm has full control of the nic.  With vswitch the nic can be shared between vm's.  Pci-passthrough has lower overhead.

My connection is symmetrical gigabit.  Esxi is running on an i5-5250u box with a quad port nic & 8GB of ram.

It makes sense to use pcipassthrough for the wan interface from both a security and performance perspective.  However it's more cloudy when it comes to the lan interface.  I suppose if I do use pci passthrough for the lan, I can always on of the other ports with a vswitch to bridge esxi vm's with the local lan (for now freepbx and a ups monitoring server).

With the pipe nearly saturated (~80MB/s), and wan set as pci-passthrough, I see ~ 50% utilization for the two cores (CORE UTIL(%):  up in the top left in esxtop).  I didn't record the values but recall utilization being even higher when port interfaces were virtualized (vmxnet3).

Thoughts, suggestions, best practices, reasons why?

Thanks!

behemyth

I am running symmetric gig and not using pci-pass through with no issues. I am using a 7 year old Xeon thats barely supported by ESXI anymore, and allowed the VM to have 4 vcpu's. This is probably close to your newer i5. When I am fully saturating the link i get 30-40% useage. Your milage may vary as well depending on what network card your using. I'm using a server grade dual intel NIC that handles just about everything on board.

The only real reason anymore to allow anything to use passthrough is using some storage software. When you virtualize storage devices they like to have full control over the bare metal devices, networking not so much.