VSP3864: Best practices for virtualized networking

This session was a bit more high level and basic than I had hoped for, but here are the highlights:

  • Virtual Port ID load balancing is the default option and the least complicated option.
  • IP hashing is more advanced and requires EtherChannel to be configured on the switch.
  • VST (virtual switch tagging) is the most common vSwitch configuration.
  • Private VLANs provide for L2 isolation. Really good for DMZs.
  • If you use IP hashing, on the Cisco switch side you must configure EtherChannel for IP-SRC-DST, which is a global policy on the switch. The default mode on older IOS versions was MAC hashing, which is not compatible.
  • If you use beacon probing (not recommended) it really needs three or more NICs to work properly.
  • Enable PortFast and use BPDU Guard to enforce STP boundaries
  • The VMware dVS has smarter load balancing
  • General tips:
    • How to change the VM MAC: KB 1008473
    • Using MS NLB Multicast? KB 1006525
    • Enabling CDP: KB 1007069
    • Beacon probing and IP hashing do not mix: KB 1017612 and 1012819
    • Check drivers and firmware against the HCL (very important)
    • Use VLAN 4095 on the switches for promiscuous mode
    • In ESXi you can use tcpdump-uw for packet captures. KB 1031186
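
The switch-side points above (PortFast, BPDU Guard, and the global src-dst-ip hash for EtherChannel members) can be checked against a saved running-config; the script below is an added example, not material from the session. It assumes Cisco IOS syntax, a constructed sample config, a hypothetical convention that ESXi-facing ports carry "esx" in their description, and it looks only at per-interface commands, not global spanning-tree defaults.

```python
# Constructed sample of a Cisco IOS running-config (not from the session).
SAMPLE = """\
port-channel load-balance src-mac
!
interface GigabitEthernet1/0/1
 description esx01-vmnic0
 channel-group 1 mode on
 spanning-tree portfast trunk
 spanning-tree bpduguard enable
!
interface GigabitEthernet1/0/2
 description esx01-vmnic1
 channel-group 1 mode on
 spanning-tree portfast trunk
!
interface GigabitEthernet1/0/3
 description esx02-vmnic0
"""

def parse(config):
    """Split a running-config into global lines and per-interface commands."""
    global_lines, ifaces, current = [], {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = ifaces.setdefault(line.split(None, 1)[1], [])
        elif line[:1].isspace() and current is not None:
            current.append(line.strip())
        elif line.strip() not in ("", "!"):
            current = None
            global_lines.append(line.strip())
    return global_lines, ifaces

def audit(config, host_tag="esx"):
    """Return (interface, problem) pairs; host_tag is an assumed naming convention."""
    global_lines, ifaces = parse(config)
    lb = next((g.split()[-1] for g in global_lines
               if g.startswith("port-channel load-balance ")), None)
    findings = []
    for name, cmds in ifaces.items():
        if not any(c.startswith("description ") and host_tag in c.lower() for c in cmds):
            continue  # not a hypervisor-facing port
        if not any(c.startswith("spanning-tree portfast") and
                   not c.endswith("disable") for c in cmds):
            findings.append((name, "portfast not enabled"))
        if "spanning-tree bpduguard enable" not in cmds:
            findings.append((name, "bpduguard not enabled"))
        if any(c.startswith("channel-group ") for c in cmds) and lb != "src-dst-ip":
            findings.append((name, f"channel hash {lb or 'default'}, want src-dst-ip"))
    return findings
```

When the config has no explicit `port-channel load-balance` line the finding reports the hash as "default", which should be confirmed on the switch itself.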

Nothing earth shattering, but a few good tidbits of information.

