Nexus 1000v can't get multiple uplinks to talk on the same VLAN

Samsonite801 · ‎02-14-2016

Hello all,

I am having issues configuring the Nexus 1000v in a different way for lab use..

I am building a POC to see if possible to use several 10G nics in one ESXi host as a core switch for 4 other physical ESXi hosts. This means that I am trying to create 4 port-profiles for physical Ethernet (not uplinks, no port-channel), but just as access ports, and assign them into the same VLAN, and also want to have a vEthernet port-profile assigned on the same VLAN as the 4 uplinks, and get them all to interact as a switch..

So far, I am not able to get them talking. Are there any tricks I can try to get this to work?

If I install simple Linux on the bare metal host I can install bridge-utils package and set up a br0, assign all the 10G nics to it and wha-lah I have a switch.

But I want to have ESXi installed on the host so I can run other VMs there for lab study, but also want to host a bridge. Nexus 1000v seemed like the perfect answer to this as I could have a few pEthernet, and a few Ethernet port-profiles and they would talk like a mult-port switch.

Is there any way to disable the port-channel, or uplink type usage of the Ethernet ports so we just have a simple switch for all ports regardless of the port type?

I would love any feedback on this...

Samsonite801 · ‎02-16-2016

Just wondering if there is some specific procedure I need to disable port-channel on an Ethernet-type port-profile.

Or if I can make the 4 Ethernet port profiles I have talk promiscuously. I keep thinking it SHOULD work because the manual says even though not recommended, you can have the same VLAN spanning physical (Ethernet) port-profiles.

"NOTE: In an installation where multiple Ethernet port profiles are active on the same VEM, we recommend that they do not carry the same VLAN(s). The allowed VLAN list should be mutually exclusive.
Overlapping VLANs can be configured but may cause duplicate packets to be received by virtual machines in the network."

Since my goal is to get all the physical ports talking on the same VLAN, then I would think running this way would be fine..

I'm also wondering if I'd be better off running the ports in trunk mode or access port mode.. I don't need multiple VLANs on this network, so access port should be fine, but maybe there is some way to get it to work as trunk ports.. I have tried both types and still can't get them talking..

Samsonite801 · ‎02-16-2016

Yeah, I think this might be a lost cause..

In the guide here: http://www.cisco.com/c/en/us/products/collateral/switches/nexus-1000v-switch-vmware-vsphere/guide_c07-556626.html#_Toc339600389 ; ...it looks like they show that 1000v has a loop prevention scheme which is most likely is going to keep any packet from traversing from physical to physical interface.. Period.

"The Cisco Nexus 1000V Series uses a simple technique to prevent loops. Like a physical Ethernet switch, the Cisco Nexus 1000V Series Switch performs source and destination MAC address lookups to make forwarding decisions. The VEM applies loop-prevention logic to every incoming packet on Ethernet interfaces. This logic is used to identify potential loops. Every ingress packet on a physical Ethernet interface is inspected to help ensure that the destination MAC address is internal to the VEM. If the source MAC address is internal to the VEM, the Cisco Nexus 1000V Series Switch will drop the packet. If the destination MAC address is external, the switch will drop the packet, preventing a loop back to the physical network."

Unless someone knew of a cool hack or workaround to get around that, or a way to set static mac address 'routes' or something then I think this idea is dead.

No big deal, off to something else.. Thanks for all your input...