limey36
Enthusiast
Enthusiast

Virtual Network Configuration

Jump to solution

Hi all,

Hoping for some help here from the network gurus. I've been in discussion with the physical network folks around NIC teaming on a virtual switch. In other words, 2 (or more) active NICs on one virtual switch. The physical network guys are telling me the only way I can do it is to point both NICs at one physical switch rather than one NIC to each physical switch as that would create problems on their side with the same MAC being seen down two sep. paths. Is this correct? I don't know enough about the physical side to know if this is accurate or not. I'm curious how other people are configuring NIC teaming, and how VMware handles the MAC issues the network guys keep hammering me with. I think we may have a clash of terminology between the virtual and physical sides.......

One point I should mention - everything is on the same subnet.

Thanks for any help or solution examples you can provide!

L

0 Kudos
1 Solution

Accepted Solutions
Erik_Zandboer
Expert
Expert

Hi,

When creating a default NIC team, ESX will use round-robin scheduling to assign VMs to A SINGLE network link. Every time you need a NIC connection, the ESX kernel will select a single NIC to use. Ergo each MAC address is visible on only one single link. Therefore you do not need to do anything on the physical switches to get it working. They will simply see a bunch of MACs from the different VMs that were bound to that connection. Each MAC will be seen on one of the physical connections only.

If a link fails, ESX will detect this, and put the VMs that were using that link to the other links (once again using roudn robin). After that, it will ARP the physical switch(es) to tell them where the MACs can be found. Even now, a MAC will only be seen through a single physical link.

Message was edited by: Erik Zandboer:

So you absolutely do NOT need etherchannelling / port aggregation on your physical switch(es)!!

Visit my blog at http://www.vmdamentals.com

View solution in original post

0 Kudos
11 Replies
Jorgen_J
Enthusiast
Enthusiast

No this is not an issue.

Since your not publishing the same MAC address on both path at the same time. What you're connecting to the physical switch is two or more seperate physical network adapters with physical mac addresses. it's not like you will split the nic cable in half and connect each half to seperated switches. if this is what your network folks thinks, then perhaps they shouldn't work with network at all.

make a presentation for them.

If you install a HP dl380 G5 with dual nic's in with a windows OS. you connect the dual nics to two seperated Switches, like you would do in a redundant enviorment. basicly now you only have two diffrent nic's in the lan. then you install HP Network tools and make a load balancing team of the two nic's. the two nics will share a new MAC address (a virtual MAC address).. this is a common setup in a Network, hell this is HP best practice. and this shouldn't work for ............... ,,, no tell your network guys to find some new jobb instead.

Jolle

Linux is like a wigwam. It has no Windows or Gates and it got Apache inside.

Linux is like a wigwam. It has no Windows or Gates and it got Apache inside.
rriva
Expert
Expert

There will be NO problems at all if you connect the two NIC to different phisical switch.

I have an infrastructure with Phisical machine with 4 nics in the same virtual switch, and I've connected it on two phisical switch.

Tell your guys that it will be similar than NCI TEAMING on a phisical machine.

Bye

Ric

RRiva | http://about.me/riccardoriva | http://www.riccardoriva.com
limey36
Enthusiast
Enthusiast

Thanks to both of you for your reply. Sounds good on the physical NIC front, what about the MAC of the VM? Will the MAC of the VM be visible on both paths or just down one at a time. I think this is where the network team is confusing themselves and me in the process..............2 physical NICs on the same vswitch, one NIC to each physical switch, VM assigned the vswitch as it's NIC so it has two paths, one to each physical switch. Again, this active/active nic teaming, not active/standby.

Thanks again all!

L

0 Kudos
limey36
Enthusiast
Enthusiast

Ric,

Thanks for the response. I've done this is the past too with no issue. The problem I'm having here is explaining to an extremely inquisitive network team how it works. How VMware handles it. They continually tell me it won't work as the physical switches will see the VMs MAC (not the physical nic mac) down two different paths. I don't know enough about their side to debate it with them......

0 Kudos
Texiwill
Leadership
Leadership

Hello,

There are a few RFC's involved here:

802.3ad --- Bonding, this is what most people think about when you mention NIC Teaming. ESX can do this, but generally does not.

802.1q --- VLAN Tagging, ESX has 3 definitions based on the endpoint of the VLAN.... EST in pSwitch, VST in vSwitch, VGT in VM. Most people use a mix of EST/VST. Explained in http://www.vmware.com/pdf/esx3_vlan_wp.pdf

VMware NIC Teaming.... Not an RFC but explained in http://www.vmware.com/files/pdf/virtual_networking_concepts.pdf.

I would give your networking people these links, it should answer all their questions. They are confusing VMware NIC Teaming with their concept of NIC Teaming, it is different.

Best regards,

Edward L. Haletky, author of the forthcoming 'VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers', publishing January 2008, (c) 2008 Pearson Education. Available on Rough Cuts at http://safari.informit.com/9780132302074

--
Edward L. Haletky
vExpert XII: 2009-2020,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill
0 Kudos
Erik_Zandboer
Expert
Expert

Hi,

When creating a default NIC team, ESX will use round-robin scheduling to assign VMs to A SINGLE network link. Every time you need a NIC connection, the ESX kernel will select a single NIC to use. Ergo each MAC address is visible on only one single link. Therefore you do not need to do anything on the physical switches to get it working. They will simply see a bunch of MACs from the different VMs that were bound to that connection. Each MAC will be seen on one of the physical connections only.

If a link fails, ESX will detect this, and put the VMs that were using that link to the other links (once again using roudn robin). After that, it will ARP the physical switch(es) to tell them where the MACs can be found. Even now, a MAC will only be seen through a single physical link.

Message was edited by: Erik Zandboer:

So you absolutely do NOT need etherchannelling / port aggregation on your physical switch(es)!!

Visit my blog at http://www.vmdamentals.com

View solution in original post

0 Kudos
limey36
Enthusiast
Enthusiast

Great! Thanks all for the responses!

L

0 Kudos
Slavek
Contributor
Contributor

What's the recommended Load Balancing method when you have two NICs connected to two separate physical switches?

0 Kudos
Texiwill
Leadership
Leadership

Hello,

Actually VMware generally recommends that you do not load balance, but if you do the default is VM Source Port ID based load balancing.

Best regards,

Edward L. Haletky, author of the forthcoming 'VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers', publishing January 2008, (c) 2008 Pearson Education. Available on Rough Cuts at http://safari.informit.com/9780132302074

--
Edward L. Haletky
vExpert XII: 2009-2020,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill
0 Kudos
Erik_Zandboer
Expert
Expert

Hi,

Load balancing can be done using several setups. The default works best in most situations (thats why it is the default I guess Smiley Happy ). In this scenario each virtual NIC is put on one of the physical connections. Round-robin is used to divide the VMs over the available physical NICs. So there is some load balancing going on here. Especially if you have a lot of VMs which all deliver similar network load, it gets blaanced real nice.

The alternative is "real" load balancing. In this scenario you put each SESSION on one of the physical NICs using round robin. This implies that one single MAC address can (and will) popup on more than a single physical connection. So in that case you'll need to create an etherchannel (Cisco terminology) or port aggregation (same thing, different name). This is the better way to do load balancing, but your switch(es) must support this. On top of this, it will not work on more than a single physical switch, because the switches normally cannot create an etherchannel spanning multiple switches (the only solution I see sometimes are the use of two Cisco 3750's with stacking cables, whcih can create etherchannels spanning the switches)

So, in a "normal" multi-physical-switch-environment I would just leave things default :smileymischief:

Visit my blog at http://www.vmdamentals.com
0 Kudos
surfup
Enthusiast
Enthusiast

Just a question ... what is going to happen if you have both bonded NICs on the same physical switch? Is this going to work at all? Thanks.

Cheers,

0 Kudos