Wednesday, 8 January 2014

Network Load Balanced (NLB) Multicast Array on VMware ESX 5 using Cisco Switches/Routers

When using VMware Virtual Machines (VMs) and Microsoft Network Load Balancing (NLB) in multicast mode, some extra configuration is required on the switching/routing side.

In multicast mode, each node's NLB NIC has two MAC addresses assigned to it: the original one and a virtual one assigned by NLB. This causes problems because almost all routers, by default, drop Address Resolution Protocol (ARP) replies sent by nodes in the cluster. The router receives packets that pair a unicast IP address with a multicast MAC address (it basically thinks that is WRONG :) and drops them). As a result, the ARP table and MAC tables don't get updated.

Of course this means our packets don't go where they are meant to so it doesn't work. :(

VMware provides a KB article with some instructions, http://kb.vmware.com/kb/1006525, however I found that they left a few details out. So I thought I would rewrite it and throw in some extra information you may find useful.




Scenario


In our scenario we have one network consisting of two routers/switches, two ESXi hosts and two NLB nodes in a multicast cluster. The two routers are connected by an EtherChannel. The two host VM uplink trunks are also EtherChannels.

NOTE - The only difference when using EtherChannels rather than interfaces is that in the Cisco commands we specify PO instead of Gi or Fa. If you are using standard interfaces, make sure you run the MAC resolution commands below for each interface.





Resolution


To fix this issue we need to tell the routers/switches which MAC address corresponds to which IP address by updating the ARP tables on both routers/switches. We also need to update the MAC address tables on the router so it knows which interface the multicast MAC address is on.


ARP Table - 

1. Telnet/SSH into Cisco switch console and login. 

2. Go into Enable mode.

 enable 

3. Enter Configuration mode.

 conf t 

4. Enter arp [NLB ip] [NLB mac] ARPA

 arp 192.168.200.200 03bf.c0a8.0164 arpa  


MAC Address Table - 


1. Telnet/SSH into Cisco switch console and login. 

2. Go into Enable mode.

 enable 

3. Enter Configuration mode.

 conf t 

4. Enter mac-address-table static [NLB mac] [vlan of cluster] [interface]

mac-address-table static 03bf.c0a8.0164 vlan 200 interface po1
mac-address-table static 03bf.c0a8.0164 vlan 200 interface po2
mac-address-table static 03bf.c0a8.0164 vlan 200 interface po100

NOTE - You need to run the last command for each interface that the NLB cluster may be connected to, e.g. PO1, PO2, PO100 (otherwise, if your VM vMotions to the other host, its traffic will not be able to traverse the EtherChannel joining the switches).
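
An added example (not from the original post or the VMware KB): a Python helper that generates the ARP and MAC address table lines above for every listed interface. It assumes the Microsoft NLB multicast-mode convention that the cluster MAC is 03-BF followed by the four octets of the cluster's primary IPv4 address, and flags a supplied MAC that does not match; the function names are hypothetical.

```python
import ipaddress
import re


def _dotted(hex12: str) -> str:
    """Format 12 hex digits in Cisco dotted notation (xxxx.xxxx.xxxx)."""
    return ".".join(hex12[i:i + 4] for i in range(0, 12, 4))


def nlb_multicast_mac(cluster_ip: str) -> str:
    """NLB multicast-mode cluster MAC: 03-BF followed by the four IPv4 octets."""
    packed = ipaddress.IPv4Address(cluster_ip).packed  # ValueError on bad input
    return _dotted((b"\x03\xbf" + packed).hex())


def normalize_mac(mac: str) -> str:
    """Accept 03-BF-C0-A8-01-64, 03:bf:..., or 03bf.c0a8.0164; return dotted form."""
    digits = re.sub(r"[-:.]", "", mac).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return _dotted(digits)


def ios_commands(cluster_ip, vlan, interfaces, mac=None):
    """Return the static ARP and MAC-table lines for one NLB cluster.

    Lines starting with '!' are IOS comments that flag something to verify.
    """
    if not 1 <= int(vlan) <= 4094:
        raise ValueError(f"VLAN out of range: {vlan}")
    derived = nlb_multicast_mac(cluster_ip)
    mac = normalize_mac(mac) if mac else derived
    out = []
    if not int(mac[:2], 16) & 1:
        out.append(f"! CHECK: {mac} is not a multicast MAC (group bit clear)")
    if mac != derived:
        out.append(f"! CHECK: {cluster_ip} derives {derived}, not {mac}; "
                   "confirm the cluster MAC in NLB Manager")
    out.append(f"arp {cluster_ip} {mac} arpa")
    # Command spelling follows the page; newer IOS uses "mac address-table static".
    for port in dict.fromkeys(p.lower() for p in interfaces):  # de-duplicate, keep order
        out.append(f"mac-address-table static {mac} vlan {vlan} interface {port}")
    return out


if __name__ == "__main__":
    # IP, MAC, VLAN and port-channel names are the sample values used on this page.
    for line in ios_commands("192.168.200.200", 200, ["po1", "po2", "po100"],
                             mac="03bf.c0a8.0164"):
        print(line)
```

With the page's sample values the helper emits a CHECK line, because 03bf.c0a8.0164 is the MAC this convention derives for 192.168.1.100; use the cluster MAC shown in NLB Manager for your own cluster.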


Hope this helps someone, as I struggled with this for a few hours.
