This is just a short blog post as it can be useful for other full-stack (compute/storage/network) infrastructure engineers.
I have just had a call from my customer with the following problem symptom.
Symptom:
When ESXi (in ROBO) is connected to vCenter (in Datacenter), TCP/IP communication overloads 60 Mbps network link. In such a scenario, huge packet retransmit is observed. IP packets are defragmented and packet retransmission is observed.
Design drawing:
Hypothesis:
MTU Defragmentation is happening in the physical network and MTU is lower than 1280 Bytes.
Planned test:
Find the smallest MTU in the end-2-end network path between ESXi and vCenter
vmkping -s 1472 -d VCENTER-IP
Back to basics
IP fragmentation is an Internet Protocol (IP) process that breaks packets into smaller pieces (fragments), so that the resulting pieces can pass through a link with a smaller maximum transmission unit (MTU) than the original packet size. The fragments are reassembled by the receiving host. [source]
The vmkping command has some parameters you should know and use in this case:
-s to set the payload size
Syntax: “vmkping -s size IP-address”
With the parameter -s you can define the size of the ICMP payload. If you have defined an MTU size from eg. 1500 bytes and use this size in your vmkping command, you may get a “Message too long” error. This happens because ICMP needs 8 bytes for its ICMP header and 20 bytes for IP header:
The size you need to use in your command will be:
1500 (MTU size) – 8 (ICMP header) – 20 (IP header) = 1472 bytes for ICMP payload
-d to disable IP fragmentation
Syntax: “vmkping -d IP-address”
Use the command “vmkping -s 1472 IP-address” to test your end-2-end network path.
Decrease -s parameter until the ping is successful.
No comments:
Post a Comment