cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
791
Views
0
Helpful
1
Replies

Exchange 2010 NLB on Nexus1000v - UCS - Cat4500

hbrkanic
Level 1
Level 1

Server Infrastructure: Microsoft Server 2012 Hyper-V installed on UCS Blade Servers. Network infrastructure is Nexus1000v for HyperV - FI62xx (endhost mode) uplinked to Catalyst 4510 Core Switch.

Plan: Deploy Exchange 2010 NLB with two servers, each with one network card, NLB mode: IGMP multicast

Configured:

- Catalyst: static ARP for Cluster VIP

- Nexus1000v: disabled IGMP snooping on servers VLAN

All configuration is acting strangely, it works for some clients but not for others, if we stopped one node in NLB, more things stops working but some works fine.

Nexus1000v configuration guide describes only NLB Unicast scenario.

I suppose that something is missing in configuration.

1 Reply 1

mwronkow
Cisco Employee
Cisco Employee

N1k only supports Unicast NLB.  For multicast & multicast+IGMP NLB there are a few things we can do that are not ideal because there will be excessive traffic flooding.

http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_2_1_s_v_1_5_1/release/notes/n1000v_rn.html#wp117941

NLB with multicast (non-IGMP)-

The NLB cluster uses a unicast IP address and non-IGMP multicast mac (03:bf) so IGMP is not used. N1k floods this frame.

This method could overwhelm the network in some situations.

1.    Use a dedicated VLAN for NLB VMs to limit mcast replication & flooding.

NLB with Multicast+IGMP-

Microsoft violates RFC2236 by putting a unicast IP in the IGMP Group messages.  N1k drops these messages since they violate the RFC.  CSCue32210 - "Add support for Microsoft NLB - Multicast+IGMP mode in Nexus 1000v" is targeted for a future release.  Before this feature exists we can configure the network as follows:

1.    Dedicate a VLAN for NLB VMs to limit mcast replication & flooding.

2.    Disable IGMP snooping on that vlan

vlan 10

no ip igmp snooping

3.    Add a static entry on upstream router for NLB cluster IP & shared MAC.

int vlan 10

ip arp 14.17.124.40 0100.5e7f.7c28

4.    Use mac-pinning configuration with manual pinning NLB vEths to one set of uplinks.  This will isolate flooding to a single upstream fabric interconnect & switch.

port-profile type veth NLB-VM

  channel-group auto mode on mac-pinning relative

  pinning id 0 backup 1   <-these numbers may differ in your environment

Matthew

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: