VMware Networking Community
Matt12
Contributor
Contributor

Performance issue with asymetric traffic

Hello,

We are running a network of virtual router (Vyos) on NSX-V with OSPF between the routers as the routing protocol.

We have noticed some performance issue happening exclusively with TCP.  File transfer ,http upload are impacted while transiting through the virtual network.

The issue does not happen all the time but we manage to narrow it down to a few scenarios.

After some research, we found out that this issue happens when traffic is not 100% symmetric.

As a test, we tried to upload traffic directly to one of the edge vyos virtual router.

What we noticed is that if the traffic enters the router from one interface (lets say eth0 connected to distributed port group 0) and come back via another interface (eth1 connected to distributed port group 1) then the transfer will slow down and fail.

We have tried everything we can possibly think of to fine tune the vyos configuration (such as disabling RP filter) but we still face the issue.

I have also tried to change the teaming failover on the port group itself, two ports active, 1 port active, 1 port standby, 1 port active, 1 port disabled but no improvement.

I am wondering if there is any mechanism at NSX level that may cause this behavior?

0 Kudos
4 Replies
Sreec
VMware Employee
VMware Employee

If I understand your connectivity right, several Edges are set up in A/A mode, and you're having trouble with SCP transfer performance. There are no edges in the path of the direct upload, is that correct? There are no known difficulties if we only have one Edge, right? What version of NSX are you using? Can you share the snippet of your teaming policies? 

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 7x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered
0 Kudos
Matt12
Contributor
Contributor

Hello,

Actually no edge is involved. These are vyos routers so from a VMware standpoint, just VMs...

The problem happens on SCP, HTTP so basically any TCP transfer is impacted. ICMP and UDP working fine.

I am using NSX 6.4.5.

See attached teaming policy,

0 Kudos
steffen_richter
Hot Shot
Hot Shot

Does not sound like an NSX issue to me. If you are not using Routing devices of NSX, this sounds like you are using VLANs only, no Overlay?

If the answer is yes and you are using two different physical uplinks on the portgroups on the ESXi host, then NSX does not really do anything here - just transporting packets from a VM-vNIC thrrough a vSwitch to a pSwitch and back. Check your router and the traffic originating source VM(s).

BTW - your NSX release is out of general support since January of last year ;).

BR
Steffen

VCI since 2009
0 Kudos
Matt12
Contributor
Contributor

Ok thats good news if we can rule out NSX issue.

0 Kudos