Solved: LACP Port Channel with VMWare ESXi IP Hash Message : %SW_MATM-4-

Peter Lyttle · ‎08-06-2012

Hello,

Currently I have an VMWare ESXi host with 2 NICs of which 6 (3 from each) ports are connected to a 3750X. I have configured LACP on the switch and set the vDS Port Group to Route Based on IP Hash (802.3ad), my config looks as follows -

port-channel load-balance src-dst-ip

interface Port-channel15

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface GigabitEthernet1/0/15

switchport trunk encapsulation dot1q

switchport mode trunk

srr-queue bandwidth share 10 70 25 5

srr-queue bandwidth shape 10 0 0 0

priority-queue out

mls qos trust dscp

spanning-tree portfast

channel-protocol lacp

channel-group 15 mode active

!

interface GigabitEthernet1/0/16

switchport trunk encapsulation dot1q

switchport mode trunk

srr-queue bandwidth share 10 70 25 5

srr-queue bandwidth shape 10 0 0 0

priority-queue out

mls qos trust dscp

spanning-tree portfast

channel-protocol lacp

channel-group 15 mode active

!

interface GigabitEthernet1/0/17

switchport trunk encapsulation dot1q

switchport mode trunk

srr-queue bandwidth share 10 70 25 5

srr-queue bandwidth shape 10 0 0 0

priority-queue out

mls qos trust dscp

spanning-tree portfast

channel-protocol lacp

channel-group 15 mode active

!

interface GigabitEthernet1/0/18

switchport trunk encapsulation dot1q

switchport mode trunk

srr-queue bandwidth share 10 70 25 5

srr-queue bandwidth shape 10 0 0 0

priority-queue out

mls qos trust dscp

spanning-tree portfast

channel-protocol lacp

channel-group 15 mode active

!

interface GigabitEthernet1/0/19

switchport trunk encapsulation dot1q

switchport mode trunk

srr-queue bandwidth share 10 70 25 5

srr-queue bandwidth shape 10 0 0 0

priority-queue out

mls qos trust dscp

spanning-tree portfast

channel-protocol lacp

channel-group 15 mode active

!

interface GigabitEthernet1/0/20

switchport trunk encapsulation dot1q

switchport mode trunk

srr-queue bandwidth share 10 70 25 5

srr-queue bandwidth shape 10 0 0 0

priority-queue out

mls qos trust dscp

spanning-tree portfast

channel-protocol lacp

channel-group 15 mode active

Currently I am seeing a lot of MAC flapping in the switch log. From my understanding I would expect the MAC address to go out all the ports as this is what ESXi would do when using "Route based on IP Hash". I am concerned as to the impact this may be having on CPU / the switch.

Aug 6 09:42:05.700 BST: %SW_MATM-4-MACFLAP_NOTIF: Host 0050.569e.0939 in vlan 1 is flapping between port Gi1/0/16 and port Gi1/0/15

Aug 6 09:42:16.479 BST: %SW_MATM-4-MACFLAP_NOTIF: Host 0050.569e.28e4 in vlan 1 is flapping between port Gi1/0/20 and port Gi1/0/17

Aug 6 09:42:18.719 BST: %SW_MATM-4-MACFLAP_NOTIF: Host 0050.569e.7f6a in vlan 1 is flapping between port Gi1/0/19 and port Gi1/0/20

Aug 6 09:42:20.766 BST: %SW_MATM-4-MACFLAP_NOTIF: Host 0050.569e.0939 in vlan 1 is flapping between port Gi1/0/16 and port Gi1/0/15

Is this by design, if so can I turn the message off? If not please can you advise where I can check/change the configuration?

Thanks,

Peter

Sandeep Choudhary · ‎08-06-2012

This is really gud that ...you mentioned your solution here.

Can you please mark this question as answered, so thata it can help other guys.

Regards

Please rate if it helps.

View solution in original post

Sandeep Choudhary · ‎08-06-2012

Hi Peter,

Your configuration shows that u have made a trunk port as port-fast.

And the most easiest way of detection of loop (before the network goes down) is those flapping message you are getting.

It does seems that your network is having a L2 loop.

Disable the port-fast (on both sides) and then see if you are getting the flapping message.

If you are brave enough, you can also apply bpdu-guard to the port-fast (if there is a loop, it will change the port to err-disable / shut).

Regards

Please rate if it helps.

Peter Lyttle · ‎08-06-2012

Hi Sandeep,

Yea I had applied portfast as I know the vDS wont cause an L2 loop and should bring the ports up faster on boot etc.

If I have a virtual machine sitting on my ESXi hosts and have Route Based on IP Hash configured along with the above switch config. I would expect the MAC address to be shown on all interfaces that are members of the port-channel and therefore to see the MAC, I just didnt expect the switch to complain about it (as I thought this is how it should work).

Or am I misunderstanding something?

Sandeep Choudhary · ‎08-06-2012

HI Peter,

Flapping error occurs when the same MAC address is coming from two different physical ports. This may occur, for example, if two physical ports are connected to different ESX hosts.

use this thread to resolve ur issue:

https://supportforums.cisco.com/thread/2070018

Regards

Please rate if it helps.

Peter Lyttle · ‎08-06-2012

Hello,

All the physical ports are connected to the same host. It turns out that is was being caused by having LACP enabled rather than "on".

LACP is only supported on Nexus 1000.

http://communities.vmware.com/message/2093238#2093238

After changing from "active" to "on" the flapping has stopped happening.

Hope this helps someone else.

Sandeep Choudhary · ‎08-06-2012

This is really gud that ...you mentioned your solution here.

Can you please mark this question as answered, so thata it can help other guys.

Regards

Please rate if it helps.

LACP Port Channel with VMWare ESXi IP Hash Message : %SW_MATM-4-MACFLAP_NOTIF: Host <MAC> in vlan 1 is flapping between port