VMware Cloud Community
MinoDC
Enthusiast
Enthusiast
‎05-27-2018 05:55 AM
Jump to solution

vSphere ESXi 6.x VSS Traffic

HI to all.

I would like to understand how traffic is routed through vss.
Let's assume 2 scenarios:

  1. Two ESXi configured in this way:
    • VSS 0 with 2 Uplink (Active / Active)
      • vmkernel 0 (Management service with IP 10.0.10.10/24 - VLAN 10) in Default TCP/IP Stack
      • 6 Production Port Group (VLAN 20,30,40,50,60,70) with 100 VM
    • VSS 1 with 2 Uplink (Active / Active)
      • vmkernel 1 (with IP 172.16.1.10/24) in vMotion TCP/IP Stack (vMotion Service)
    • Routing Table

      • Network                Netmask          Gateway          Interface

      • 10.0.10.10         255.255.255.0    Local Subnet     vmk0

      • 172.16.1.10       255.255.255.0    Local Subnet     vmk1

      • default                   0.0.0.0              10.0.10.1         vmk0

  2. Two ESXi configured in this way:
    • VSS 0 with 2 Uplink (Active / Active)
      • vmkernel 0 (Management service with IP 10.0.10.10/24 - VLAN 10) in Default TCP/IP Stack
    • VSS 1 with 2 Uplink (Active / Active)
      • vmkernel 1 (with IP 172.16.1.10/24) in vMotion TCP/IP Stack  (vMotion Service)
    • VSS 2 with 2 Uplink (Active / Active)
      • 6 Production Port Group (VLAN 20,30,40,50,60,70) with 100 VM
    • Routing Table
      • Network                Netmask          Gateway          Interface
      • 10.0.10.10         255.255.255.0    Local Subnet     vmk0
      • 172.16.1.10       255.255.255.0    Local Subnet     vmk1
      • default                   0.0.0.0              10.0.10.1         vmk0

  • In scenario 1 the in/out L2/L3 traffic is the same for Mgmt and Production throught VSS0

  • In scenario 2 , Mgmt and Production has two different VSS (VSS0 and VSS2) but same routing table as scenario 1 .

In the second scenario in/out L2 Production traffic, use VSS2 , right ?

In/Out L3 Production traffic, which vss will use?

     It should always use vss2, even if the routing table, has the gw on vmk0 that is on vss0, but why ?

Could you explain to me how it works?

Best Practices, which are ... Mgmt and Production on the same vss?


Thanks so much

0 Kudos
1 Solution

Accepted Solutions
daphnissov
Immortal
Immortal
‎05-27-2018 06:21 AM
Jump to solution

In the second scenario in/out L2 Production traffic, use VSS2 , right ?

Yes. "Production" = virtual machine traffic in this case.

In/Out L3 Production traffic, which vss will use?

     It should always use vss2, even if the routing table, has the gw on vmk0 that is on vss0, but why ?

Also vSS 2, because only those port groups are configured there. It makes no difference of the routing table because that is for kernel services, not virtual machines.

Do not confuse kernel services such as Management and vMotion with virtual machine traffic. The two are separate types of traffic and are handled differently. Wherever the port groups are configured and VMs joined to them, those VMs will use the uplinks assigned to the switch on which the port group lives for all in/egress traffic. Again, routing tables inside the kernel have no effect on the handling of these traffic flows because they're not applicable.

------------------
How to Ask for Help on Tech Forums
https://neonmirrors.net

View solution in original post

4 Replies
daphnissov
Immortal
Immortal
‎05-27-2018 06:21 AM
Jump to solution

In the second scenario in/out L2 Production traffic, use VSS2 , right ?

Yes. "Production" = virtual machine traffic in this case.

In/Out L3 Production traffic, which vss will use?

     It should always use vss2, even if the routing table, has the gw on vmk0 that is on vss0, but why ?

Also vSS 2, because only those port groups are configured there. It makes no difference of the routing table because that is for kernel services, not virtual machines.

Do not confuse kernel services such as Management and vMotion with virtual machine traffic. The two are separate types of traffic and are handled differently. Wherever the port groups are configured and VMs joined to them, those VMs will use the uplinks assigned to the switch on which the port group lives for all in/egress traffic. Again, routing tables inside the kernel have no effect on the handling of these traffic flows because they're not applicable.

------------------
How to Ask for Help on Tech Forums
https://neonmirrors.net
MinoDC
Enthusiast
Enthusiast
‎05-27-2018 06:32 AM
Jump to solution

ok then the traffic of the VMs (L2-L3), is sent to the uplinks connected to the physical switches which then will route the traffic according to their routing table, right?

what is BP, if there were any?

Mgmt Traffic and VM Traffic on the same VSS or better on two separate vss?

0 Kudos
daphnissov
Immortal
Immortal
‎05-27-2018 06:36 AM
Jump to solution

ok then the traffic of the VMs (L2-L3), is sent to the uplinks connected to the physical switches which then will route the traffic according to their routing table, right?

Yes. The exception is with two VMs connected to the same port group that wish to communicate with each other (L2). This traffic does not egress the ESXi host but is internally switched. A second exception is with NSX and the DLR. If VM A wishes to communicate with VM B and both are connected to the internal DLR, that traffic (L3) is switched at the kernel level and does not egress the ESXi host.

what is BP, if there were any?

What does "BP" mean?

Mgmt Traffic and VM Traffic on the same VSS or better on two separate vss?

The answer is "it depends". Very often this is done, but you may not want to do this for a few reasons. One reason could be if you use a backup application that uses NBD mode to pull data through the management interface, you might want that on a set of dedicated uplinks and vSS to isolate the traffic.

------------------
How to Ask for Help on Tech Forums
https://neonmirrors.net
MinoDC
Enthusiast
Enthusiast
‎05-27-2018 06:40 AM
Jump to solution

BP = Best Practies Smiley Happy sorry....

Thanks for your explanations.

0 Kudos