Separation of Traffic with 2 x 10Gbps NICs?

We have a 9 blade Hyper-V cluster and unfortunately, each blade was only specced out with 2 x 10Gbps NICs. Right now each is configured in a team, with Live Migration, VM, and iSCSI traffic all flowing equally.
I'm going to separate them out tonight by breaking the team and assigning one for VM and Live Migration traffic and the other dedicated for iSCSI traffic.
Is there any reason I shouldn't configure it this way, are there any other tweaks I should make?

The Windows engineering team made changes to iSCSI to enable it to support teamed adapters.  But you still might want to consider creating two iSCSI NICs, placing them on separate subnets, and using MPIO.
. : | : . : | : . tim
Thanks Mickael and Tim. Following a slightly newer TechNet article (http://technet.microsoft.com/en-us/library/dn550728.aspx#BKMK_Example) I've got my VMQ queues configured as follows on a single host for testing:
2 x SMB Multipathing vAdapters (tested and traffic is load balancing perfectly)
2 x iSCSI vAdapters (configured Dell MPIO to bind to these two alone, seems to be working)
1 x Live Migration vAdapter
1 x Management vAdapter for pHost Access and VM Traffic
I'll be taking it a step further next week and creating VLANs for all the individual subnets at my pSwitch layer, but I feel much better having some sort of separation/isolation of traffic.
Have a great weekend.
- Matt

Similar Messages

  • Storage spaces + Hyper-V with multiple 1GBe nics for storage?

    Hi guys!
    So I just got my private cloud hardware. I actually put in the order before summer, but due to firmware and certification issues on my desired SuperMicro JBODs delivery was seriously delayed. So much that I've completely forgotten my networking ideas. I
    need help/verification. Or at least a URL - most described setups are 10 GBe nowadays... Or even a "not gonna work"  :-)
    My setup is supposed to be a 3 JBOD, 2 head node storage spaces/sfos cluster providing storage to a 4 node Hyper-V cluster. I didn't have a budget for a 10 GBe setup, but got a great price on a lot of 1 GBe nics. After allocating management, Hyper-V, etc
    I have 3x 1 GBe ports left on all Hyper-V and Storage servers. 
    I think my original plan was to create three subnets and add one nic from each server. And then I guess I've imagined some kind of SMB3 magic discovering these paths between Hyper-V and storage and just aggregating bandwitdh and providing fault tolerance
    by sprinkling fairy dust. Must have been the heat...
    So now I'm "replanning" and I realize that I'm going to create a failover cluster at the storage level providing a cluster name and IP. I'm thinking the management subnet where domain info resides is appropriate, but then what about the other three
    subnets? I don't want to flood my management subnet with storage traffic, but do want bandwidth and resilience. Did I make a design error, and how do I make the best of the situation?
    Disclaimer: My previous experience on virtualization clusters is ISCSI SAN and 2008 R2 Hyper-V clusters. Storage Spaces is completely new to me :-)
    And due to overlapping technologies I struggled a bit on placing this thread. Hope I got it right

    Hello,
    i did not understand how many NICs you have in each Host. Hyper-V Cluster with 1 GBe NICs work as long as you know that it is not 10 GBe.
    In this article is the complete Hyper-V Cluster design in checklist form. I think you should work with this list for some further ideas:
    http://blogs.technet.com/b/askpfeplat/archive/2013/03/10/windows-server-2012-hyper-v-best-practices-in-easy-checklist-form.aspx
    Sorry that i cant give a better answer, but i lack information about about your environment.
    Regards,
    Thomas
    Thomas Hanrath [MCT | Regional Lead Germany] |
    http://www.hanrath.de
    Microsoft Learning Blog |
    http://blog.microsoftlearning.de
    MCSE | Private Cloud

  • 2012 R2 Hyper-V Cluster two node design with abundance 1Gbps NICs and FC storage

    Hello All,
    First post so please be gentle!
    We are currently in the process of building/testing the upgrade of two node 2012 R2 Hyper-V cluster.
    Two hosts built with Datacentre 2012 R2 which will host approx. 30 VM's.
    Shared storage will be fault tolerant FC- connection.
    10, (yes 10!) 1Gbps NICs are available, Intel i350.
    trying to decide on teaming interfaces using native LBFO and the 2008 'style' of using un-converged networking, or teaming up most interfaces and using QoS.  Can find many/numerous examples of using 10Gbps NICs and converged, however 10Gbps networking
    isn't an option right now.
    recommendations appreciated.
    thanks

    Hi Sir,
    >>trying to decide on teaming interfaces using native LBFO and the 2008 'style' of using un-converged networking, or teaming up most interfaces and using QoS. 
    The following link detailed the teaming configuration and it's applicable scenario (server 2012):
    http://www.aidanfinn.com/?p=14039
    Also please refer to the document for 2012R2 LBFO :
    http://www.microsoft.com/en-us/download/details.aspx?id=40319
    In server 2012R2 , there is a new setting "Dynamic" for "load banacing mode " and it is recommended to use Dynamic for "Load banacing mode" :
    If you can accept 1GB max bandwidth for each VM I would suggest you to use LBFO mode : Independent/dynamic/None(All adapter active)  .
    Best Regards,
    Elton Ji
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected] .

  • How can i split Client Network traffic and My exchange traffic with two differnet ip address?

    Hello Everyone
    sorry for my bad English and also my bad explaine
    here is my network looks like
    all the client on one subnet and network is 192.168.0.0
    i have Dsl router that connect to Tmg server
    i have Tmg with two NIC
    1-192.168.0.4
    2- 2 Public Ip address
    i want to do this
    i want to split user's traffic and my exchange traffic
    i mean i want to route user's traffic with one public ip addresss
    and my exchange server's traffic with another public address
    but when i add additional ip address at Tmg or create new NIC card
    all of my traffic route with one public ip Address what should i do?

    Hi Uhan,
    You need to use ENAT fuction on TMG to achive this
    On the External NIC assing the Second IP as Additionl IP address (VIP)
    Create a network Rule to NAT traffice From Exchange server IP address to the required Public IP which you need the E NAT.
    Ensure you are creating rule only from Exchange server IP and not all INternal.
    Look at the below Doc you step by step config
    http://www.isaserver.org/articles-tutorials/configuration-general/Configuring-One-to-One-NAT-TMG-2010.html

  • Binding SCOM traffic to a management NIC

    Hi
    I'm trying to bind SCOM traffic to a management NIC and was wondering if this is possible?
    My SCOM management servers are located in Domain A with 2 NICs. One NIC is an Application NIC and the other is management NIC.
    In Domain B (a new domain), I have a gateway server which also has 2 NICS. I have used hosts file to bind all SCOM traffic from the gateway server to the management server - this is all working ok.
    The managed servers in Domain B also have a management NIC and an Application NIC.
    I am trying to force SCOM agents to use the management NIC by using a DNS host alias 'gatewayserver.manangement.domainB.local' which resolves to the management NIC.
    When installing the agents, I use gatewayserver.management.DomainB.local. But once the agent starts, it resorts to gatewayserver.DomainB.local and tries to use the Application LAN which is not the desired result.
    Can anyone give me some pointers as to where I'm going wrong?

    Windows doesn't have this sort of feature, you will need to look at a 3rd party tool like "ForecebindIP"
    http://old.r1ch.net/stuff/forcebindip/
    There are tutorials available on the net for the use of this application.
    I don't recommend using this as it adds an extra layer of complexity to troubleshooting, also looks to only be for older versions of windows.
    Cheers,
    Martin
    Blog:
    http://sustaslog.wordpress.com 
    LinkedIn:
    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

  • Samples Not Acquired on NI 660x or NI 6624 Devices When using pulse width, semi-period or two-edge separation buffered measurements with the NI 660x and NI 6624 on counters 0 and 1, some samples may not be acquired under certain circumstances.

    In the DAQmx 9.4 Readme the following is stated:
    Samples Not Acquired on NI 660x or NI 6624 Devices When using pulse width, semi-period or two-edge separation buffered measurements with the NI 660x and NI 6624 on counters 0 and 1, some samples may not be acquired under certain circumstances.
    Could anyone elaborate on this? I am particularly interested in knowing under what circumstances this problem arises for the 6602 PCI devices.
    How should I understand 'NI 660x and NI 6624 on counters 0 and 1'. Is it only a problem on counter 0 and 1 for the 660x or does this only apply for the 6624 devices.
    /mola 

    Are there any NI Product Support Engineers out there who has an answer to this question and who are willing to share it with me?

  • Install SUN Solaris 10 X86 in Dell Optiplex 620 with Broadcom 5751 NIC

    I shall be very grateful if any one would offer his/her advice of the followings:
    1) How do I copy a img file, i.e bcmedu.img which file size is
    1.47MB to a 1.44 diskette when the PC is unable to
    connect to network?
    2) Where can I get a copy of the driver for bcme.bef to be
    install in DELL Optiplex 620 with Broadcom 5751 NIC?
    3) Is there a way to install NIC driver through other media other than diskette in Device Configuration Assistant?
    Note: I have followed the Installation and Configuration Guide provided by SUN and Boardcom but has yet to make the network card detected despited I have been re-installed the OS many times.
    Your great help is much appreciated.
    Regards,
    swee

    i was facing the same problem just hours ago.
    i successfully installed broadcom driver into solaris 10 with Dell GX280
    i copy broadcom driver into a CD and run it on solaris pc.
    i copied out the file into a directory and use pkgadd -d BRCMbcme.pkg and voila. My pc detected the network card.
    Then start configuring your network.
    It works for me. Hope it works for u.
    remember to read the readme file which come with the broadcom driver.

  • Correct binding order in a Cluster with logical switches, NIC teams, and vNICs on the host.

    I have seen many recommendations to set the network binding order on you Hyper-V hosts to something similar to:
    Management NIC
    Cluster NICs
    iSCSI NICS
    However, all of  these recommendations are for scenarios where the NICs are all physical NICs in the host.
    Using Server 2012 R2, I am building converged networks with logical switches, NIC Teams, and vNICs on the host.  So when I go set the network binding order, I now have all these components to deal with as well.  For example, on a 4 adapter blade,
    I might typically have the following items in the binding order drop-down.
    4 - physical NICs (2- teamed for the 1 virtual switch, the other 2 used for iSCSI)
    1 - Team interface (Datacenter_Switch)
    5 - vNICs (Management, Cluster, LiveMigration, iSCSI-1, iSCSI-2)
    So, should you only worry about order of the vNICS (placed at the top) and let the other components just fall to the bottom of the list?  This seems to be likely to me, since the binding order applies to service access to the resources, and the other
    components are not being directly accessed by network services?
    Or, should the order start out with the physical resources needed to access the vNICs, followed by any intermediate resources (switches or team interfaces, then the vNICS themselves, to ensure that the resources are available to the subcompnents accessing
    them?
    Any help would be appreciated.
    Thanks.
    -Tim Reid

    If by 'network binding order' you mean the order set in the Advanced Settings of the Network Connections of the Control Panel, then the most important one is to make sure the domain network is at the top of the list.  Whichever network is at the top
    of the list is used first for auth functions.  So auth functions perform best when the proper network is placed first in the binding order.  After that, I don't know that it makes much difference at all.  (If it does, I'm sure my statement will
    start a lively discussion. <grin>)
    . : | : . : | : . tim

  • Need help with my MX98715 NIC setting

    Hi,
    I had trouble with my MX98715 NIC. My question is, how can I change the transceiver capablities of my MX98715-based Ethernet Adapter from adv_autoneg_cap to adv_10hdx_cap&#65311;
    I tried to change everything including system file or use the ndd command, but it takes no effects.
    I changed the /etc/system file by adding:
    set hme:hme_adv_autoneg_cap=0
    set hme:hme_adv_10hdx_cap=1
    set mxfe0:mxfe0_adv_autoneg_cap=0
    set mxfe0:mxfe0_adv_10hdx_cap=1
    Then I reboot my system, but the Solaris 10 still auto negotiates it with the 100Mbps full duplex.
    What's wrong with it?

    I had solve this problem by use the driver from Masayuki Murayama.
    I think the tu-2.2.0 is the suitable driver for MX98715 and etc.

  • CSA 5.1 Agent Installation on Microsoft Clusters with Teamed Broadcom NICs

    I'm searching all over Cisco.com for information on installing CSA 5.1 agent on Microsoft Clusters with Teamed Broadcom NICs, but I can't find any information other than "this is supported" in the installation guide.
    Does anyone know if there is a process or procedure that should be followed to install this? For example, some questions that come to mind are:
    - Do the cluster services are needed to be stopped?
    - Should the cluster be broken and then rebuilt?
    - Is there any documentation indicating this configuration is approved by Microsoft?
    - Are there case studies or other documentation on previous similar installations and/or lessons learned?
    Thanks in advance,
    Ken

    Ken, you might just end up being the case study! Do you have a non-production cluster to with?
    If not and you already completed pilot testing, you probably have an idea of what you want to do with the agent. Do you have to stop the cluster for other software installations? I guess you might ask MS about breaking the cluster it since it's their cluster.
    The only caveat I've seen with teamed NICs is when the agent tries to contact the MC it may timeout a few times. You could probably increase the polling time if this happens.
    I'd create an agent kit that belongs to a group in test mode with minimal or no policies attached to test first and install it on one of the nodes. If that works ok you could gradually increase the policies and rules until you are comfortable that it is tuned correctly and then switch to protect mode.
    Hope this helps...
    Tom S

  • Can I capture USP traffic with NI-SPY

    11-14-07
    Can I capture USB traffic with NI-Spy? if so how?
    Thanks
    TeBlues

    Hi TeBlues,
    NI-Spy captures return a log of low-level driver calls being made to National Instruments drivers.  It does not track the serial data passed along the USB bus.  To capture the serial traffic on the USB bus, I would recommend Portmon (if you are using a Windows OS).  This program monitors all serial and parallel port activity on a system.
    Donovan

  • Prevent PPPoE encapsulation of traffic with specific destination

    My ISP requires a PPPoE tunnel to connect and the modem I use is in Transparent bridging mode. If I connect a dedicated interface and specify the network/IP and use NAT, I can connect to the modem management. However, this isn't my preferred setup as my previous cable ISP used DHCP and any routed traffic out the outside interface destined to 192.168.100.1 would be responded to by the cable modem. I'm assuming that since the traffic with PPPoE is encapsulated, the modem is forwarding everything right out to the link since I get an ISP router responding with traffic destined 192.168.0.1 no route to host.
    Is there a way to exclude 192.168.0.0/24 from being encapsulated by PPPoE while all other traffic isn't? If I have to have multiple vlans to do this properly that is fine, I'm just lost in finding a way to use one physical port on my ASA 5505. Setting trunking with with either the outside or modem vlan as native on the interface doesn't appear to allow the modem to connect unless outside is the native vlan
    Thanks for any help.

    Hi Bro
    Yes, in the old/former way of doing things, the PPPoE is being handled by the Modem, provided by your ISP. For this reason, your Cisco Firewall OUTSIDE interface is able to grab a dynamic private IP Address i.e. 192.168.0.XXX/24 from the Modem (acting as the DHCP server). With dynamic NAT being enabled in your Cisco Firewall, LAN users on the INSIDE of your Cisco Firewall can now browse the internet and also access the Modem’s management webpage.
    Now, the PPPoE is being handled by your Cisco Firewall directly. This means, your Cisco Firewall OUTSIDE interface will now grab a dynamic public IP Address from your ISP directly, via your Modem (acting as transparent/bridging device). With dynamic NAT being enabled in your Cisco Firewall, LAN users on the INSIDE of your Cisco Firewall can now browse the internet but cannot access the Modem’s management webpage anymore. This is because the LAN users will appear as public IP, while your Modem is still on private IP, no route. There’s no way to exclude 192.168.0.XXX/24 from being encapsulated by PPPoE.
    What I have in mind for you is, use another spare interface in your Cisco Firewall, and connect it directly to the Modem. This interface is strictly for the Modem’s management purposes. With dynamic NAT being enabled in your Cisco Firewall, LAN users on the INSIDE of your Cisco Firewall can now access the Modem’s management webpage.
    Here’s a sample;
    interface Vlan3
    nameif outside
    security-level 0
    pppoe client vpdn group TEST
    ip address pppoe setroute
    interface Vlan2
    nameif mgmt
    security-level 10
    ip address 192.168.0.10 255.255.255.0
    interface Vlan1
    nameif inside
    security-level 100
    ip address 192.168.100.10 255.255.255.0
    interface Ethernet0/0
    description ### Link to Modem for Internet ###
    switchport access vlan 3
    interface Ethernet0/1
    description ### Link to Modem's Management Port for Management Purposes ###
    switchport access vlan 2
    interface Ethernet0/2
    description ### Link to L2 LAN Hub/Switch ###
    interface Ethernet0/3
    shutdown
    interface Ethernet0/4
    shutdown
    interface Ethernet0/5
    shutdown
    interface Ethernet0/6
    shutdown
    interface Ethernet0/7
    shutdown
    mtu outside 1492
    mtu inside 1500
    global (outside) 1 interface
    global (mgmt) 1 interface
    nat (inside) 1 0.0.0.0 0.0.0.0
    vpdn group TEST request dialout pppoe
    vpdn group TEST localname cisco
    vpdn group TEST ppp authentication pap
    vpdn username cisco password cisco123
    access-list inside extended permit ip any any
    access-list mgmt extended permit ip any any
    access-list outside extended permit ip any any
    access-group inside in interface inside
    access-group outside in interface outside
    access-group mgmt in interface mgmt

  • Ruei collector's traffic with tap

    I don't know whether ruei's issus should be posted here?
    we've copy the network traffic with tap(cisco modules),and 40% of power to ruei collector.the total traffic of outbound should 1.3Gbps,but the traffic we can saw only 1Gbps in cacti.
    we've already tested the tap and hp NC522SFP adapter with iperf,it works fine.
    is anyone have ideas?
    sorry for my poor English,Best wishes to you.

    Hi Tony,
    could be several causes for not seeing all the traffic. Pls find some possible problems/resolutions for this issue in this knowledge article: https://support.us.oracle.com/oip/faces/secure/km/DocumentDisplay.jspx?id=1073610.1&h=Y
    should you find no resolution in this it might be best to log an SR for this case as I expect some additional information about your setup is needed.
    R, Jurgen

  • Restricting Coherence traffic to a single NIC in a box with 2 NICs

    Hi All,
    I have a new question, or rather a request for confirmation / correction.
    Am I right, that for restricting Coherence traffic to a dedicated network card and segment, I need to do the following things:
    1. Set up a route entry in the routing table directing the multicast address to the particular network interface, e.g. (syntax might not be correct, assume 225.1.1.1 to be the clusteraddress and eth1 the dedicated network interface).:
    route add 225.1.1.1/32 eth12. Set tangosol.coherence.localhost to the ip address of eth1 within the same machine. (different setting on each box).
    Do I need to do anything else?
    Thanks and best regards,
    Robert

    Hi Cameron,
    it seems, we needed to add the route for the multicast IP on Linux to be directed to the Gigabit network interface, after all. Without that, the cluster heartbeat was noticed, but the Linux box was not able to join the cluster of HP-UX boxes.
    We are also receiving this warning, but I don't think it has anything to do with the connection problem:
    2006-11-13 12:38:02.154 Tangosol Coherence 3.2/357 (Pre-release) <Warning> (thread=main, member=n/a): UnicastUdpSocket failed to set receive buffer size to 1428 packets (2096304 bytes); actual size is 89 packets (131071 bytes). Consult your OS documentation regarding increasing the maximum socket buffer size. Proceeding with the actual value may cause sub-optimal performance.
    Best regards,
    Robert

  • Storage 7410 cluster - separating "admin" traffic from "storage" traffic

    Please help me figure out a strategy here. We have a Storage 7410 cluster running in an active/passive mode. On each node, I have cabled nge0 and nge1 each to 100Mbps ports and nxge0 and nxge1 to 10Gbps ports. I have configured nge0 to be the "admin" interface for node 1, and nge1 the same for node 2. I have aggregated nxge0 and nxge1 via LACP and it's currently owned by node 1 (fails over to node 2 nicely). Here's the basic layout:
    Node 1
    nge0 -> active "admin" interface -> ip address 172.16.158.33
    nge1 -> inactive (owned by Node 2) "admin" interface
    nxge0/nxge -> active LACP aggregate "aggr1" -> ip address 172.16.158.32
    Node 2
    nge0 -> inactive (owned by Node 1) "admin" interface
    nge1 -> active "admin" interface -> ip address 172.16.158.41
    nxge0/nxge -> inactive (owned by Node 1) LACP aggregate
    What's confusing me is routing. Right now all interfaces have IPs on the same subnet. I can define a default route for the gateway on that subnet (172.16.158.1) on the "aggr1" LACP, but only Node 1 gets routed. So, I can add two additional default routes to the same gateway, reflecting each of the other NICs (nge0, nge1). But the way I understand it, there's no guarantee that IP traffic that originated on aggr1 will return via that same interface. Or am I mistaken? Essentially, I want to segregate "storage" traffic from "admin" traffic, and I want to make sure that any host connecting to the "storage" IP address takes full advantage of the 10Gbps aggregate.
    Any ideas are welcome.
    Charles

    My assumption above was correct. At some point, traffic was now favored over nge0, so my performance went down from ~200MB/s to about 60MB/s (expected results with Windows VMs on vmware with a NFS datastore). It looks like I may have to abandon the nge ports and lose the LACP (at least until I can get a second nxge NIC in each head). Is that all I can do? Any ideas are appreciated.
    Charles

Maybe you are looking for