MKguy wrote:

I posted an earlier question around applying CoS markings using NetIOC or at the distributed port group layer. I assume that NetIOC can only mark CoS values and not DSCP values? Will assume this until I hear otherwise.

NIOC/the dvSwitch allows both, layer 2 CoS as well as layer 3 IP DSCP tagging:

http://www.datacenterdan.com/blog/vsphere-55-bpperformance05-network-io-control

http://wahlnetwork.com/2013/08/26/vsphere-5-5-improvements-part-9-networking-and-vds-razzle-dazzle/

http://virtualizationreview.com/articles/2013/10/30/how-to-vsphere-5-5-network-qos.aspx

The problem though, I am unable to see any packets that include dot1q tags and in turn the CoS markings. Does anyone have an alternate method to capture traffic? I want to check NFS, vMotion and VM traffic to confirm CoS markings are present.

The most reliable to determine whether CoS tagging is working would be mirroring the physical switch port or inserting a tap device between the physical switch and the host's NIC. Is that not an option for you?

What syntax are you using with the pktcap-uw utility?

I can't test myself currently but something like this should be closest to what you want:

# pktcap-uw –uplink vmnic2 --capture UplinkSnd --dir 1 --stage 1

Appreciate the information and I do understand it has the capability to do both. But if you configure it in different areas, what is exactly happening? As an example, under Resource Allocation to configure NIOC there is only 1 option to assign a "QoS" tag. Does this tag a DSCP value? I don't know and it's not clear on the surface what actually happens underneath. We could assume that it will assign a DSCP value but maybe it is only assigning a CoS value. At the distributed port-group layer, it is crystal clear that you can apply CoS or DSCP tags. All I want to do is verify this functionality by a simple test which was the idea behind the packet capture tool below. I know we can remove the complexities of this altogether via other means but if the feature is there and I configure it. How can I verify it is doing its job?

I have ran the following syntax and I still do not see the dot1q information in Wireshark...I thought we could with the example syntax you gave me...this tool must still be capturing traffic before the tagging/marking is applied then...any other ideas? If need be I could do some more capturing of traffic at the UCS layer.

pktcap-uw --capture UplinkSnd --uplink vmnic0 --dir 1 --stage 1 -o /tmp/capturevmotion.pcap

As an example, under Resource Allocation to configure NIOC there is only 1 option to assign a "QoS" tag. Does this tag a DSCP value? I don't know and it's not clear on the surface what actually happens underneath.

In that case it assigns a layer 2 CoS marking and not a DSCP value. The CoS field is only 3 bit long, and the UI restricts you to selecting values from 0-7.

It also states this in the documentation:

http://pubs.vmware.com/vsphere-51/index.jsp?lang=en&topic=/com.vmware.vsphere.networking.doc/GUID-58...

6 (Optional) Select a QoS tag for the network resource pool.

The QoS priority tag specifies an IEEE 802.1p tag, allowing quality of service at the media access control level.

I'm not sure what happens when you select different CoS values at the port group and "global" NIOC traffic profile level though.

If need be I could do some more capturing of traffic at the UCS layer.

That would probably be the safest approach, I can't really think of anything else. I suppose the encapsulation with CRC computation etc. is offloaded via the driver to the actual NIC.