Knowledge Base

The Microsoft NLB cluster masks the cluster's MAC address for all outgoing traffic to prevent the switch from learning the MAC address.

In ESX Server, the VMkernel sends a RARP packet each time certain actions occur—for example, a virtual machine is powered on, experiences teaming failover, performs certain VMotion operations, and so forth. The RARP packet informs the switch of the MAC address of that virtual machine. In a NLB cluster environment, this exposes the MAC address of the cluster NIC as soon as a NLB node is powered on. This can cause all inbound traffic to pass through a single switch port to a single node of the NLB cluster.

Note: VMware recommends configuring the cluster to use NLB multicast mode even though NLB unicast mode should function correctly if you complete these steps. This recommendation is based on the possibility that the settings described in these steps might affect VMotion operations on virtual machines. Also, unicast mode forces the physical switches on the LAN to broadcast all NLB cluster traffic to every machine on the LAN. If you plan to use NLB unicast mode, you must run all members of the NLB cluster on the same virtual switch or routers need to be able to accept proxy ARP responses (IP-to-network address mappings that are received with a different network source address in the Ethernet frame). Make sure that your router has proxy ARP support turned on. You can also set a static ARP entry to keep proxy ARP support disabled in the router.

 

Note: VMware recommends having two NICs on the NLB server.

Preventing RARP Packet Transmission for a Virtual Switch

 

Complete the following steps to prevent RARP packet transmission for the virtual switch as a whole. This setting affects all the port groups using the switch. You can override this setting for individual port groups using the instructions in Preventing RARP Packet Transmission for a Port Group.

1. Log on to the VI Client and select the ESX Server host.
   
   
2. Click the Configuration tab.
   
   
3. Choose Networking and, for the virtual switch, select Properties. The vSwitch Properties dialog opens
   
   
4. On the Ports tab, select the virtual switch and click Edit.
   
   
5. Click the NIC Teaming tab, set the Notify Switches option box to No as shown below:
   
   
   
   
6. Click OK and close the vSwitch Properties dialog box.

 

Preventing RARP Packet Transmission for a Port Group

 

Complete the following steps to prevent RARP packet transmission only for an individual port group rather than for the entire virtual switch. This setting overrides the setting you make for the virtual switch as a whole.

1. Log in to the VI Client and select the ESX Server host.
   
   
2. Click the Configuration tab.
   
   
3. Choose Networking and, for the virtual switch, select Properties. The vSwitch Properties dialog opens
   
   
4. On the Ports tab, select the port group and click Edit.
   
   
5. Click the NIC Teaming tab, select Notify Switches and select No as shown below:
   
   
   
   
6. Click OK and close the vSwitch Properties dialog box.

Instructions for ESX Server 2.x

1. Log onto the Management Interface and select Options> Advanced Settings.
   
   
2. Set the value for Net.NotifySwitch to 0.
   
   Note:Net.NotifySwitch is a global setting, affecting all virtual machines.

If you want more information on NLB, see the following:

http://www.microsoft.com/technet/prodtechnol/windows2000serv/deploy/confeat/nlbovw.mspx