Xylord
Contributor
Contributor

NIC Teaming - IP Hash - Network link drops

Hello,

I'm trying to setup some new ESX hosts with IP Hash NIC teaming. They are HP ProLiant DL360 Gen10 servers.

The hosts have 2-port 10Gb fiber NICs in them. The NIC is connected to the same physical switch (Cisco).

I have been trying to follow the documentation for IP Hash setup and it says it requires port-channeling on the switch, which makes sense.

But every time we enable the port channeling, the management network link to the host completely drops out (no link lights on NIC) with no communication working to the server, except for ILO. When we turn off the port-channeling, the network link comes right back up.

If port-channeling is required to make IP hash work then does anyone know why the network link keeps dropping?

Are there special commands needed to make this work on the switch side?

Thanks in advance for any thoughts.

0 Kudos
14 Replies
a_p_
Leadership
Leadership

Are you using a Standard vSwitch, or a Distributed vSwitch?

In case of a Standard vSwitch please see https://kb.vmware.com/s/article/1004048  for limitations, and how to configure this (unless that's what you have already done).

André

0 Kudos
Xylord
Contributor
Contributor

We are using Standard vSwitch. I don't believe we have the licensing for Distributed vSwitch.

0 Kudos
Xylord
Contributor
Contributor

Yeah that link is the guidelines we're already following but it still doesn't work.

It kills the network link every time we enable port-channeling.

0 Kudos
nachogonzalez
Commander
Commander

Hey, hope you are doing fine.
the problem is that you are creating a port channel across two switches and it's not supported:

VMware Knowledge Base

Hope this works

0 Kudos
Xylord
Contributor
Contributor

I wish it were that easy but no, that doesn't apply to our situation.

Both ports on the NIC are connected to the same physical switch.

0 Kudos
ZibiM
Enthusiast
Enthusiast

AFAIK IP Hash is for static etherchannel

This is not portchannel

For portchannel you need LACP / LAG, and this is a feature of the distributed switch

TBH there is just a couple of cases, where IP Hash is worth considering the trouble.

Only network storage in certain scenarios and vMotion will see any benefit.

For me bigger worry would be this singular switch

0 Kudos
Lalegre
Virtuoso
Virtuoso

Hello Xylord​,

If you are following the first KB that a.p.​ shared with you please make note that the EtherChannel configuration is being configured as access mode. I assume that on your platform you are using Virtual Switch Tagging so you will need to change it to trunk mode. In case you are using access mode please make sure that the portgroup on the VSS is with VLAN 0.

If you are using trunk on your physical switches (which is recommended for traffic segmentation) please follow the next procedure for Cisco Switches: https://www.booches.nl/2008/05/port-channel-configuration-for-vmware/

If you still have doubts on how to configure please paste some screenshots from your portgroup properties (VLAN and Teaming and Failover tabs)

0 Kudos
scott28tt
VMware Employee
VMware Employee

Moderator: Thread moved to the vSphere vNetwork area.


-------------------------------------------------------------------------------------------------------------------------------------------------------------

Although I am a VMware employee I contribute to VMware Communities voluntarily (ie. not in any official capacity)
VMware Training & Certification blog
0 Kudos
Xylord
Contributor
Contributor

Oh interesting. Many of VMWare's own articles stated that etherchannel and portchannel are the same thing.

This is not correct?

The switch is trucked with other switches but the NIC is only connected to one of those switches. So the switch isn't singular in that regard.

0 Kudos
ZibiM
Enthusiast
Enthusiast

You'd be better connecting your NIC to 2 switches and using plain trunks with default teaming policy ("originating ports").

0 Kudos
Xylord
Contributor
Contributor

Thank you for this info!

I'll pass it to my network admin and see if there's any adjustments we need to make.

0 Kudos
Xylord
Contributor
Contributor

I thought this too but my understanding is that "originating port ID" is not true load balancing so you don't any performance benefit. It's more just for failover to next available NIC.

Since these hosts will be used to virtualize our F5 traffic, the thought process was that IP Hash would be better in allowing increased throughput.

I could be wrong though.

0 Kudos
ZibiM
Enthusiast
Enthusiast

TBH there is no true load balancing for the ESXi network load

IP-Hash or LACP/LAG are just load distributions - they won't magically allow single connection to utilize more than one link.

If you have distributed switch you can use load based teaming policy, but it just affects the traffic you send out of ESXi server.

On the other hand I doubt it will really matter - 10G link is more than enough for the single VM.

If you want to increase performance for your F5 you'd better check F5 recommendations regarding deployment on the Vmware

0 Kudos
bayupw
Leadership
Leadership

Hi, there's a documented KB here on the steps highlighting about the Management Network portgroup which you can try

VMware Knowledge Base - NIC teaming using EtherChannel leads to intermittent network connectivity in....

Bayu Wibowo | VCIX6-DCV/NV
Author of VMware NSX Cookbook http://bit.ly/NSXCookbook
https://github.com/bayupw/PowerNSX-Scripts
https://nz.linkedin.com/in/bayupw | twitter @bayupw
0 Kudos