load balancing mode of a LAG

  • 1
  • Question
  • Updated 10 months ago
I need to check the load balancing mode of the lags on the physical switches (ICX6610, 08.0.30t) facing our esxi cluster. On the cluster side, at the virtual switches, the balancing mode is currently "Source and destination IP address". The manual is a bit vague of the modes and I can't seem to find a command to modify the mode in the physical switch.

The manual says (a snippet...):

Layer 2 Bridged TCP/UDP: Source and destination MAC addresses, source and destination IP addresses, and source and destination TCP/UDP ports.
...
Layer 2 Bridged IPv4 TCP/UDP  Source and destination IP addresses, and source and destination TCP/UDP ports.

So what is the difference here with "bridged tcp/udp" and "bridged ipv4 tcp/udp"? And are those different, selectable modes?

Eg "src & dst ip address and tcp/udp port" is one of the possible selections on the cluster side. Would that be a better combination for icx?









Photo of hwa

hwa

  • 6 Posts
  • 0 Reply Likes

Posted 10 months ago

  • 1
Photo of Simon

Simon, Employee

  • 88 Posts
  • 48 Reply Likes
Hi

LAG load balancing is fixed and cannot be changed, the method used depends on the traffic type (this is described in the L2 config guide). Symmetric load balancing can be enabled if required (some firewalls need this) but it does not alter the traffic distribution across the links.
Photo of Simon

Simon, Employee

  • 88 Posts
  • 48 Reply Likes
Hi

I'm afraid I can't comment on the vsphere config. with any confidence as it's not something that I have any experience with, but from what you have described "src and dst ip address and tcp/udp port" looks like the best match to the ICX behavior. The only way to be certain with be to perform some testing which is not something that we would be able to do.

Hopefully someone else on here has some relevant experience and can share some real-world insights.
Photo of hwa

hwa

  • 6 Posts
  • 0 Reply Likes
Simon,

I understand. Thanks for your input.
Photo of Vu Pham

Vu Pham, Employee

  • 14 Posts
  • 12 Reply Likes
Hi Hwa - LAG hashing on ICX is locally significant on the ICX, its result will decide which port to map the egress traffic toward the ESX. Similarly, LAG hashing on ESX is locally significant on the ESX, its result will decide which port to map egress traffic toward the ICX. Since it's two independent process, so I believe the hashing algorithm doesn't  have to match between ICX and ESX.

Thanks,

Vu
Photo of hwa

hwa

  • 6 Posts
  • 0 Reply Likes
Hi Vu,
I'm thinking the returning traffic. Say, from the host the traffic is sent out via one interface and the return traffic is sent from the switch to the host via another interface because of different load balancing mechanism. And of course vice versa. Would this affect the performance of either devices?
If there is no effect, what is the point of having several load balancing algorithms at all?

Photo of Vu Pham

Vu Pham, Employee

  • 14 Posts
  • 12 Reply Likes
Hi Hwa - I see your points. I think there is 'symmetric lag hashing' option that maybe be able to do what you're thinking, but it only work on IP packet and not Layer 2 packets. ICX6k don't support it, but ICX7K do. I don't know if VMware or Linux even support it. So it's not really a good option for load-balancing either.

Since lag hashing result is locally significant, I think even the hashing algorithm is the same on both LACP peer, it doesn't guarantee that the same pair of traffic will always get mapped to the same port on both end. What can be expected is that the ICX would always map SrcA/DstB to the same port as long as that port is up, this could be Port1 depend on the hash result of ICX. And similarly ESX would probably always map SrcB/DstA to the same port as long as that port is up, this could be Port 2 depend on the hash result of ESX.

At the high level on the ICX6K, when the traffic is Layer3 (being routed between VLAN/VE), it uses the IP headers and protocol fields in hashing. When the traffic is bridged/Layer2 (being switched in the same VLAN), it depends on the traffic type, IP and/or Ethernet headers along with Layer 4 ports info are used in hashing. I believe this is a standard method among vendors, and should be very similar between them.

Thanks,

Vu

Photo of hwa

hwa

  • 6 Posts
  • 0 Reply Likes
Vu, Thanks for you informative input. Really appreciate it. I think i get it now.