Latest

Home / Datacenter / NSX-T / VMware / Traffic Flooded in VMware NSX-T

Traffic Flooded in VMware NSX-T

January 06, 2021 , ,

Today I am going to talk about the Traffic flooded in VMware NSX-T. The NSX-T segment behaves like a LAN, providing the capability of flooding traffic to all the  devices attached to this segment. This is a  capability of layer 2. 

NSX-T does not  differentiate between the different kinds of frames replicated to multiple destinations. Broadcast,  unknown unicast, or multicast traffic will be flooded in a similar fashion across a segment. 

Fig 1.1- VMware NSX-T

In the  overlay model, the replication of a frame to be flooded on a segment is orchestrated by the  different NSX-T components. NSX-T provides two different methods for flooding traffic .

  • Head-End Replication Mode
  • Two-tier Hierarchical Mode

Head-end Replication Mode
In the head end replication mode, the transport node at the origin of the frame to be flooded  sends a copy to each other transport node that is connected to this segment.Head-End Replication mode is similar to Unicast Mode for NSX-V. 

Fig 1.2- Head-end replication mode 

If the Underlay Physical Network is L2 designed and all the VTEP IPs are on the same subnet, the BUM traffic is replicated to all ESX hosts that has member of N-VDS (Logical Switch VNI).  

For the Unknown Unicast Packets,  the ESX host asks the Controller about this Mac address while at the same time forwarding this packet to other ESX hosts similar to broadcast or multicast packet. 

This provides a "Fallback Mechanism" for Mac learning even for the rare case of Controllers not available, this mac learning behaviour could make the traffic flow although with some additional replication overhead.

Two-tier Hierarchical Mode
In the two-tier hierarchical mode, transport nodes are grouped according to the subnet of the IP  address of their TEP. Transport nodes in the same rack typically share the same subnet for their  TEP IPs, though this is not mandatory. Based on this assumption, Figure  shows hypervisor  transport nodes classified in three groups: subnet 10.0.0.0, subnet 20.0.0.0 and subnet 30.0.0.0. 

Fig 1.3- Two-tier Hierarchical Mode

The Two-Tier hiearchical replication (flooding mode) is the recommended way two optimize the CPU and reduce unnecessary replicationtraffic  of BUM traffic.  This explains  why it the default mode. This looks like the Hybrid Mode, only the difference is local replication is again Unicast, while hybrid mode uses Multicast for local replication. If all the VTEPs have the Same IP Subnet, then Two-Tier and Head-End is same.

Note : The default two-tier hierarchical flooding mode is recommended as a best practice as it typically  performs better in terms of physical uplink bandwidth utilization.