VMware ESX, NIC Teaming, and VLAN Trunking with HP ProCurve

Does this work with ESXi as well ?

Fransois

I currently have it running with ESXi and it works just beautifully. you can change the Vlan of vSwitch0 using the configurations menu on the ESXi.

Happy hunting.

Mark,

Though I haven’t tried it yet i think you can “Mesh” the two switches. once that is done I believe you can perform functions across switches.

We have a Dell R900 with 4 onboard Broadcom Nics. We need to know hwo to disable ‘flow control’ on those nics. I am not a linux/unix guy, so please provide command that would allow this. Thank you in advance.

@John Smer

Just a guess, but check your VLAN configuration on “TrkX” after it is configured.

Well I finally took the time today to really learn about vlans and trunking cause man for some reason vlans and trunking confuse me. But thanks to this post its a little more clear. Thanks guys

Finally I have a working virtual infrastructure lab with some old servers and a few hp 1800 (web managed) switches. But before I start learning other topics I have some questions on how vlans are used in a virtual scenario.
I’m still a bit confused on where you actually create the vlan.
From the post it seems that you do it at layer-2 with the port based tagging method, but then, you would need a port for each ingress connection, the switch would tag it and forward it to each corresponding 802.1Q trunk / tagged link.
Is this correct or am I missing something? Isn’t it like in the real world where you create the vlan at layer-3 and then use the switching infrastructure for forwarding? I’m asking this because you mention that the switch is tagging the packets that will reach the vSwitch, while to me it seems it just forwards packets based on the vlan id it finds in the tag.

Since we are talking about port based vlans, the only case where my switch can modify a packet traveling the trunk is based on that port (PVID). This is the only way I can do it with my (cheap) equipment, but it also make me wonder if there is a better way of doing it, maybe a layer-3 switch?

Hope that somebody could clear this to me.

Murray, Have you created the VLAN on the virtual networks you want to see the tagged VLANS on? I think that may be necessary or the virtual networks will only see the untagged VLAN otherwise.

I could be wrong however.

It’s already mentioned above, but does anybody know how to provide load balancing with 2 Pnics, each connected to a different Procurve swich? I know the 3500 yl can do that, but is there a way to trick the 2910 to do this?

Nice article! I have configured one of our ESX 4 hosts with trunking and VLAN’s as decribed here and it seems to work.

However, I would like to verify that I really get more bandwith because of the trunk. So I set up af VM with a 10Gb vNIC, and a physical test server with two teamed 1Gb NIC’s with LACP enabled at the physical switch (5412zl) so it runs 2Gb/s in both directions. The VM host has four 1-Gb NIC’s trunked as descibed on this page.

Then I copy a huge GB-file from the VM to my physical test server. But I never get more throughput than approx. 70% of 1 Gb, and the HP teaming software at the physical test server shows that it all runs on one NIC.

So my questions are:
- Should it actually be possible to use more than one physical NIC’s bandwith from a VM when using trunked NIC’s?
- How can I test that it works when my test as decribed above don’t seem to work?

Peter

hi

i have just setup our esx with four nics and set them to ip route in the networking on config on v centre

on the hp switch i have added these for cables to trk1. my question is do i need to enable flow control and do i just set the group to tunk and not use lacp. other than that is there anything else i need to do and will i get the benefit of a better performace with a 4gb trunk.

excellent site full of some excellent info thanks

mark

I’ve set up as instructed as far as I can tell but I’m getting very slow throuput (400Mbps max with 4 Gb NICs trunked on an 1800-24g). Any ideas? I’ve created a lengthy post on the ESXi forum with the problem! If anyone could help I’d much appreciate it.

http://communities.vmware.com/thread/260302?tstart=0

Scott -

I love the blog. I get a lot of good info on here. I too am running HP Procurve switches and am configuring some trunks for ESXi hosts. Would you know if LACP is supported with ESXi update 1? Or should I just use the trunk type “trunk”? Thanks.

Hi folks. I know very little about ESX, but I have been working with Procurve switches for many years. In the old days, before VMWare virtual switches and blade switches came along, us networking people did all the networking, and the server people did what they do best. Now however, I see server people doing a lot of bad networking on their blade switches and virtual switches, and switch people that doesn’t want to touch this new stuff. The result is bad networking setups in the interface between the heavy server machines and the multi-gig networks.

I have a problem I need help with in relation to Procurve and VMWare, but first I would like to shed some light on some of the networking issues above, and I’m happy to answer questions about Procurve if you have.

I have worked with teaming on HP servers, but not on VMWare. So too illustrate some teaming/trunking/load balancing points I’l l explain about teaming (HP on Windows) and Procurve, and hope that some of this applies to VMWare. I’m assuming two NICs, but that is irrelevant, there can be many:
HP supported three basic teaming mechanisms: Network Fault Tolerance (NTB), Transmit Load Balance (TLB) and Switch-assisted Load Balancing (SLB). For big servers, we want fault tolerance all the way, not just on NICs but also on server switches. NTB is really simple, one NIC is active and one passive. They can be connected to one switch but preferably to two separate switches. No configuration is necessary on the switches either way. TLB on the other hand can transmit on both NIC, but can receive only on one. The reason for this, is that the team can only have one primary MAC address. The closest router have a table connecting the NICs IP address with its (one) MAC address. The switches have tables that tell each switch on which port each MAC address in the network is located. So a MAC address, can only be associated with ONE port. NICS can be connected to one or two switches, and no configuration requred on the switches. SLB requires configuration of the switches. SLB have both NICs connected to two Trunk ports (Link Aggregated), so a Trunk must be defined on the swith ports as described by others above. Thes give you redundancy (not on switches) and load balancing/double bandwith in both directions.

Procurve did not use to have support for trunks (link aggregation) going to different switches (Distributed Trunking), but now supports what they call Server-toSSwitch Distributed Trunking on their 6600, 3500, 5400 and 8200 series. This is the best of both worlds: full redundancy and loadbalancing as well. I have a very good HP whitepaper describing how the network work together with server teaming. Also a Procurve paper comparing Cisco trunking/link aggregation with Procurve; a very good primer for ex Cisco folks…

I see some misconceptions about link aggregation above. Some folks complain about bandwidth issues after trunking two 1-gig ports. The “conversation” between two computers (two MACs (not the Apple type)) will always follow the same path for each packet. The team or switch make a decision for the first packet, on witch port to send it, and then all the rest of the packets follow the same path. Between these two computers, the bandwidth will remain the same as before trunking (link aggregation). The next computer sending data may be allocated to the other port, but may as well use the same port as the first computer. The more computers sending data over the trunk, the more evenly the load will be balanced, and the collection of computers will have near 2 gig connection. We call it statistical load balancing (its NOT load based).

In the HP teaming described above, you can set op MAC hashing or IP hashing to be used for load balancing. If all traffic from servers to clients are routed, you better chose IP hash. If it is switched, you can choose either. Since all traffic from a server come from the same MAC, and all routed traffic going to the routers interface is addressed to the same MAC, this scenario will provide NO load balancing if MAC hashing is used for routed traffic. To mu knowledge yhis apply to most switch manufacturers, as MAC hashing is the method used for link aggregation on switches,

I see some of you are using 1800 switches for server connectivity. They wil provide good throughput, but I consider them baby switches for home use. I recommend some real switches for the data center like 2910, 3500 (if you need full L3/L4 stack) or even better the 6600 series which are expensive data center switches where you can even configure the airflow.

I’m sorry for the lengthy lecturing, but you see, I used to be an Procurve Instructor;-) Hope some of this is useful, I just wanted to share…..

OK, if you’re still with me, maybe I can get some help with my problem. A customer have been having trouble that resembles Tom Ransons problem above. They have defined a team, but loose all connectivity when connecting both ports in the trunk. They have now disconnected one port in the team, but still experiencing problems: They use vMotion, and after moving a VM from one ESX host to another, it takes 5 minutes before the network connection is up. Both ESX servers now only have one NIC each connected to the same switch. I have been doing some network sniffing, and I see that if we have a ping (within the same subnet) from the VM that we move, the outgoing ping request is moving to the new NIC, but the reply is going to the first NIC for 5 mins.

5 minutes is the same as the switch MAC timeout value; that is if the switch does not “hear” from a MAC address for 5 mins., the entry is erased from the MAC table. This is really odd, because when the switch see the ping request from the next ESX host on the new port, it should immediately acknowledge that the MAC has moved, and associate the MAC address fith the new port. This is very basic L2 switch functionality, and I don’t think this has to to with the switches. So I suspect the setup of the networking on the server.

Seeing Erics scenario above, I realize that I should use his solution 2. But I would like functionality like HPs TLB server teaming. Is it possible to have NICs distributed on two switches, and send traffic on both NICs? It has two use a secondary MAC address for the second interface, so as not to confuse the network. If the same MAC address appear on different ports on the same or different switches, traffic will be very intermittent.