Tuesday, March 15, 2011

Understanding ESX/ESXi Load Balancing Of Virtual Networking Concepts

Understanding ESX/ESXi Load Balancing
Of Virtual Networking Concepts

Background
For better understanding VM ESX/ESXi vswitch load balancing method, I did some tests using an ESX server hosting two virtual servers and a Cisco3560G switch as access switch. Here are test scenarios and results.

Scenario One:
Load balancing method: Route based on the originating virtual switch port ID
“Choose an uplink based on the virtual port where the traffic entered the virtual switch. This is the default configura­tion and the one most commonly deployed.
When you use this setting, traffic from a given virtual Ethernet adapter is consistently sent to the same physical adapter unless there is a failover to another adapter in the NIC team.
Replies are received on the same physical adapter as the physical switch learns the port association.
This setting provides an even distribution of traffic if the number of virtual Ethernet adapters is greater than the number of physical adapters. ” - Virtual Networking Concepts, p8

AU-3560G-LAB#sh mac-address-table vlan 252
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 …
 252    000c.29c6.d1ec    DYNAMIC     Gi0/11
 252    000c.29c6.d1f6    DYNAMIC     Gi0/5
 252    000c.29dc.2883    DYNAMIC     Gi0/11
Total Mac Addresses for this criterion: 28
AU-3560G-LAB#sh mac-address-table vlan 252
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 252    000c.29c6.d1ec    DYNAMIC     Gi0/11
 252    000c.29c6.d1f6    DYNAMIC     Gi0/5
 252    000c.29dc.2883    DYNAMIC     Gi0/11
AU-3560G-LAB#sh int g0/5
GigabitEthernet0/5 is up, line protocol is up (connected)
  Output queue: 0/40 (size/max)
  30 second input rate 0 bits/sec, 0 packets/sec
  30 second output rate 0 bits/sec, 0 packets/sec
     953540480 packets input, 3646569118 bytes, 0 no buffer
AU-3560G-LAB#sh int g0/11
GigabitEthernet0/11 is up, line protocol is up (connected)
  Output queue: 0/40 (size/max)
  30 second input rate 682973000 bits/sec, 59657 packets/sec
  30 second output rate 3499000 bits/sec, 6432 packets/sec
     777185120 packets input, 85576404 bytes, 0 no buffer
From switch statistics, we can see that “traffic from and to a given virtual Ethernet adapter is consistently sent to the same physical adapter”. But VM servers were only using one upstream link.  There are some articles online also mentioned this problem. That “Route based on the originating virtual switch port ID” might over utilize one physical upstream link while other links are idle.
“There is no guarantee that the VMs will be evenly distributed across the uplinks on a vSwitch or port group. Although I’ve seen references in the VMware documentation to indicate that VMs are balanced in some fashion (I could not find those references, however), real-world experience seems to indicate otherwise. In my tests, I had instances where four VMs were all “linked” (via their virtual port ID) to the same uplink.”- [2]

Scenario Two:
Load balancing method: Route based on source MAC hash
Choose an uplink based on a hash of the source Ethernet MAC address.
“When you use this setting, traffic from a given virtual Ethernet adapter is consistently sent to the same physical adapter unless there is a failover to another adapter in the NIC team.
Replies are received on the same physical adapter as the physical switch learns the port association.
This setting provides an even distribution of traffic if the number of virtual Ethernet adapters is greater than the number of physical adapters.  “- Virtual Networking Concepts, p8

AU-3560G-LAB#sh mac-address-table vlan 252
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 252    000c.29c6.d1ec    DYNAMIC     Gi0/11
 252    000c.29c6.d1f6    DYNAMIC     Gi0/11
 252    000c.29dc.2883    DYNAMIC     Gi0/5
AU-3560G-LAB#sh mac-address-table vlan 252
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 252    000c.29c6.d1ec    DYNAMIC     Gi0/11
 252    000c.29c6.d1f6    DYNAMIC     Gi0/11
 252    000c.29dc.2883    DYNAMIC     Gi0/5
AU-3560G-LAB#sh int g0/5
GigabitEthernet0/5 is up, line protocol is up (connected)
  Output queue: 0/40 (size/max)
  30 second input rate 312931000 bits/sec, 27229 packets/sec
  30 second output rate 1730000 bits/sec, 3181 packets/sec
AU-3560G-LAB#sh int g0/11
GigabitEthernet0/11 is up, line protocol is up (connected)
  Output queue: 0/40 (size/max)
  30 second input rate 361261000 bits/sec, 31594 packets/sec
  30 second output rate 1897000 bits/sec, 3486 packets/sec
     788557468 packets input, 3465182387 bytes, 0 no buffer
From switch statistics, we can see that “traffic from and to a given virtual Ethernet adapter is consistently sent to the same physical adapter and even distribution of traffic”.

Scenario Three:
Load balancing method: Route based on IP hash
“Choose an uplink based on a hash of the source and destination IP addresses of each packet. (For non-IP packets, whatever is at those offsets is used to compute the hash.)
Evenness of traffic distribution depends on the number of TCP/IP sessions to unique destinations. There is no benefit for bulk transfer between a single pair of hosts.
You can use link aggregation — grouping multiple physical adapters to create a fast network pipe for a single virtual adapter in a virtual machine.
When you configure the system to use link aggregation, packet reflections are prevented because aggregated ports do not retransmit broadcast or multicast traffic.
The physical switch sees the client MAC address on multiple ports. There is no way to predict which physical Ethernet adapter will receive inbound traffic.
All adapters in the NIC team must be attached to the same physical switch or an appropriate set of stacked physical switches. “- Virtual Networking Concepts, p8

AU-3560G-LAB#sh mac-address-table vlan 252
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 …
 252    000c.29c6.d1ec    DYNAMIC     Gi0/5
 252    000c.29dc.2883    DYNAMIC     Gi0/5
AU-3560G-LAB#sh mac-address-table vlan 252
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 …
 252    000c.29c6.d1ec    DYNAMIC     Gi0/5
 252    000c.29dc.2883    DYNAMIC     Gi0/11
 252    8071.1f75.9400    DYNAMIC     Po1
AU-3560G-LAB#sh mac-address-table vlan 252
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 252    000c.29c6.d1ec    DYNAMIC     Gi0/5
 252    000c.29dc.2883    DYNAMIC     Gi0/11
AU-3560G-LAB#sh mac-address-table vlan 252
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 252    000c.29c6.d1ec    DYNAMIC     Gi0/5
 252    000c.29dc.2883    DYNAMIC     Gi0/5
AU-3560G-LAB#sh mac-address-table vlan 252
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 252    000c.29c6.d1ec    DYNAMIC     Gi0/5
 252    000c.29dc.2883    DYNAMIC     Gi0/11
AU-3560G-LAB#sh mac-address-table vlan 252
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 252    000c.29c6.d1ec    DYNAMIC     Gi0/11
 252    000c.29dc.2883    DYNAMIC     Gi0/11
AU-3560G-LAB#sh int g0/5
GigabitEthernet0/5 is up, line protocol is up (connected)
  Output queue: 0/40 (size/max)
  30 second input rate 376834000 bits/sec, 32902 packets/sec
  30 second output rate 1993000 bits/sec, 3666 packets/sec
     1039995654 packets input, 3092458811 bytes, 0 no buffer
AU-3560G-LAB#sh int g0/11
GigabitEthernet0/11 is up, line protocol is up (connected)
  Output queue: 0/40 (size/max)
  30 second input rate 317242000 bits/sec, 27656 packets/sec
  30 second output rate 1699000 bits/sec, 3122 packets/sec
     876193283 packets input, 4214465776 bytes, 0 no buffer
From switch statistics, we can see that “traffic from and to a given virtual Ethernet adapter is sent to different physical adapters and is unpredictable”.

Conclusions:
Here are conclusions when choosing VM ESX/ESXi vswitch load balancing methods during the network practice.   
1.       If you are using one server with two NICs and one upstream physical switch, you can use one of either three LB methods. But “Route based on the originating virtual switch port ID” is not recommended.
When you use “Route based on IP hash” method, you should configure link aggregation to prevent packet reflections - retransmit broadcast or multicast traffic.

Route based on the originating virtual switch port ID

Route based on source MAC hash


Route based on IP hash - Link Aggregation


2.       If you are using one server with two NICs and two upstream physical switches, you can use one of either “Route based on the originating virtual switch port ID” or “Route based on source MAC hash” LB methods. But “Route based on the originating virtual switch port ID” is not recommended.
·         When using “Route based on source MAC hash”, the port that VM will use is not predictable. This might not be preferable for some network setup.
·         You should not use “Route based on IP hash” when you have multiple upstream switches.

Route based on the originating virtual switch port ID


Route based on source MAC hash



3.       If you are using one server with multiple NICs and multiple upstream physical switches, you can use one of either “Route based on the originating virtual switch port ID” or “Route based on source MAC hash” LB methods. But “Route based on the originating virtual switch port ID” is not recommended.
·         When using “Route based on source MAC hash”, the port that VM will use is not predictable. This might not be preferable for some network setup. Because you have multiple NICs to use, you can setup multiple vswitches and put different servers onto them to achieve network load balancing.
·         You should not use “Route based on IP hash” when you have multiple upstream switches.

Route based on source MAC hash



Route based on the originating virtual switch port ID – With Multiple Vswtiches


Reference:
Virtual Networking Concepts - http://www.vmware.com/files/pdf/virtual_networking_concepts.pdf
[2] More on VMware ESX NIC Utilization - http://blog.scottlowe.org/2008/10/08/more-on-vmware-esx-nic-utilization/
Posted by at
Labels: , , ,

2 comments:

  1. AnonymousJanuary 31, 2022 at 6:26 AM

    1xbet korean | Play and win on 1xbet.com
    1xbet choegocasino Korean. Live and Online Sports Betting. Bet on 1xbet all major leagues & competitions in 바카라 Asia and around the world.

    ReplyDelete
  2. AnonymousFebruary 1, 2022 at 10:30 AM

    The Casino Site | LuckyClub.live
    Lucky Club is your one stop shop for live dealer casino and slots. Join luckyclub us today to play our games with great rewards and promotions. Join today! Rating: 4.6 · ‎Review by LuckyClub.live

    ReplyDelete

Subscribe to: Post Comments (Atom)