ESXi 7.0: NVIDIA NATIVE Driver for VMware vSphere User Manual v4.19.71.1
Linux Kernel Upstream Release Notes v6.5

Ethernet Network

ConnectX®-4 onward adapter cards' ports can be individually configured to work as InfiniBand or Ethernet ports. The port type depends on the card type. In case of a VPI card, the default type is IB. If you wish to change the port type use the mlxconfig script.

To use a VPI card as an Ethernet only card, run:

Copy
Copied!
            

/opt/mellanox/bin/mlxconfig -d /dev/mt4115_pciconf0 set LINK_TYPE_P1=2 LINK_TYPE_P2=2

The protocol types are:

  • Port Type 1 = IB

  • Port Type 2 = Ethernet

For further information on how to set the port type in ConnectX®-4 onwards, please refer to the MFT User Manual (www.mellanox.com → Products → Software → InfiniBand/VPI Software → MFT - Firmware Tools).

Warning

Wake-on-LAN (WoL) is applicable only to adapter cards that support this feature.

Wake-on-LAN (WoL) is a technology that allows a network professional to remotely power on a computer or to wake it up from sleep mode.

  • To enable WoL:

    Copy
    Copied!
                

    esxcli network nic set -n <nic name> -w g

    or

    Copy
    Copied!
                

    set /net/pNics/<nic name>/wol g

  • To disable WoL:

    Copy
    Copied!
                

    vsish -e set /net/pNics/<nic name>/wol d

  • To verify configuration:

    Copy
    Copied!
                

    esxcli network nic get -n vmnic5 Advertised Auto Negotiation: true Advertised Link Modes: 10000baseT/Full, 40000baseT/Full, 100000baseT/Full, 100baseT/Full, 1000baseT/Full, 25000baseT/Full, 50000baseT/Full Auto Negotiation: false Cable Type: DA Current Message Level: -1 Driver Info: Bus Info: 0000:82:00:1 Driver: nmlx5_core Firmware Version: 12.20.1010 Version: 4.15.10.3 Link Detected: true Link Status: Up Name: vmnic5 PHYAddress: 0 Pause Autonegotiate: false Pause RX: false Pause TX: false Supported Ports: Supports Auto Negotiation: true Supports Pause: false Supports Wakeon: false Transceiver: Wakeon: MagicPacket(tm)

For further information, see https://kb.vmware.com/s/article/1004089

The driver is set to auto-negotiate by default. However, the link speed can be forced to a specific link speed supported by ESXi using the following command:

Copy
Copied!
            

esxcli network nic set -n <vmnic> -S <speed> -D <full, half>

Example:

Copy
Copied!
            

esxcli network nic set -n vmnic4 -S 10000 -D full

Where:

  • <speed> can be one of the supported speeds that can be queried using: "esxcli network nic get -n vmnic1"

  • <vmnic> is the vmnic for the Mellanox card as provided by ESXi

  • <full, half> The duplex to set this NIC to. Acceptable values are: [full, half]

The driver can be reset to auto-negotiate using the following command:

Copy
Copied!
            

esxcli network nic set -n <vmnic> -a

Example:

Copy
Copied!
            

esxcli network nic set -n vmnic4 -a

where <vmnic> is the vmnic for the Mellanox card as provided by ESXi.

Priority Flow Control (PFC) IEEE 802.1Qbb applies pause functionality to specific classes of traffic on the Ethernet link. PFC can provide different levels of service to specific classes of Ethernet traffic (using IEEE 802.1p traffic classes).

Warning

When PFC is enabled, Global Pause will be operationally disabled, regardless of what is configured for the Global Pause Flow Control.

To configure PFC, do the following:

image2019-7-17_16-36-20.png

  1. Enable PFC for specific priorities.

    Copy
    Copied!
                

    esxcfg-module nmlx5_core -s "pfctx=0x08 pfcrx=0x08"

    The parameters, “pfctx” (PFC TX) and “pfcrx” (PFC RX), are specified per host. If you have more than a single card on the server, all ports will be enabled with PFC (Global Pause will be disabled even if configured).

    The value is a bitmap of 8 bits = 8 priorities. We recommend that you enable only lossless applications on a specific priority.

    To run more than one flow type on the server, turn on only one priority (e.g. priority 3), which should be configured with the parameters "0x08" = 00001000b (binary). Only the 4th bit is on (starts with priority 0,1,2 and 3 -> 4th bit).

    Warning

    The values of “pfctx” and “pfcrx” must be identical.

  2. Restart the host for changes to the module parameters to take effect.

    Copy
    Copied!
                

    reboot

Receive Side Scaling (RSS) technology allows spreading incoming traffic between different receive descriptor queues. Assigning each queue to different CPU cores allows better load balancing of the incoming traffic and improve performance.

Default Queue Receive Side Scaling (DRSS)

Default Queue RSS (DRSS) allows the user to configure multiple hardware queues backing up the default RX queue. DRSS improves performance for large scale multicast traffic between hypervisors and Virtual Machines interfaces.

To configure DRSS, use the 'DRSS' module parameter which replaces the previously advertised 'device_rss' module parameter ('device_rss' is now obsolete). The 'drss' module parameter and 'device_rss' are mutually exclusive

If the 'device_rss' module parameter is enabled, the following functionality will be configured:

  • The new Default Queue RSS mode will be triggered and all hardware RX rings will be utilized, similar to the previous 'device_rss' functionality

  • Module parameters 'DRSS' and 'RSS' will be ignored, thus the NetQ RSS, or the standard NetQ will be active

To query the 'DRSS' module parameter default, its minimal or maximal values, and restrictions, run a standard esxcli command.

For example:

Copy
Copied!
            

#esxcli system module parameters list -m nmlx5_core


NetQ RSS

NetQ RSS is a new module parameter for ConnectX-4 adapter cards providing identical functionality as the ConnectX-3 module parameter 'num_rings_per_rss_queue'. The new module parameter allows the user to configure multiple hardware queues backing up the single RX queue. NetQ RSS improves vMotion performance and multiple streams of IPv4/IPv6 TCP/ UDP/IPSEC bandwidth over single interface between the Virtual Machines.

To configure NetQ RSS, use the 'RSS' module parameter. To query the 'RSS' module parameter default, its minimal or maximal values, and restrictions, run a standard esxcli command.

For example:

Copy
Copied!
            

#esxcli system module parameters list -m nmlx5_core

Warning

Using NetQ RSS is preferred over the Default Queue RSS. Therefore, if both module parameters are set but the system lacks resources to support both, NetQ RSS will be used instead of DRSS.

Important Notes

If the 'DRSS' and 'RSS' module parameters set by the user cannot be enforced by the system due to lack of resources, the following actions are taken in a sequential order:

  1. The system will attempt to provide the module parameters default values instead of the ones set by the user

  2. The system will attempt to provide 'RSS' (NetQ RSS mode) default value. The Default Queue RSS will be disabled

  3. The system will load with only standard NetQ queues

  4. 'DRSS' and 'RSS' parameters are disabled by default, and the system loads with standard NetQ mode

VXLAN/Geneve hardware offload enables the traditional offloads to be performed on the encapsulated traffic. With ConnectX® family adapter cards, data center operators can decouple the overlay network layer from the physical NIC performance, thus achieving native performance in the new network architecture.

Configuring Overlay Networking Stateless Hardware Offload

VXLAN/Geneve hardware offload includes:

  • TX: Calculates the Inner L3/L4 and the Outer L3 checksum

  • RX:

    • Checks the Inner L3/L4 and the Outer L3 checksum

    • Maps the VXLAN traffic to an RX queue according to:

      • Inner destination MAC address

      • Outer destination MAC address

      • VXLAN ID

VXLAN/Geneve hardware offload is enabled by default and its status cannot be changed.

VXLAN/Geneve configuration is done in the ESXi environment via VMware NSX manager. For additional NSX information, please refer to VMware documentation: http://pubs.vmware.com/NSX-62/index.jsp#com.vmware.nsx.install.doc/GUID-D8578F6E-A40C-493A-9B43-877C2B75ED52.html.

Packet Capture utility duplicates all traffic, including RoCE, in its raw Ethernet form (before stripping) to a dedicated "sniffing" QP, and then passes it to an ESX drop capture point.
It allows gathering of Ethernet and RoCE bidirectional traffic via pktcap-uw and viewing it using regular Ethernet tools, e.g. Wireshark.

Warning

By nature, RoCE traffic is much faster than ETH. Meaning there is a significant gap between RDMA traffic rate and Capture rate.
Therefore actual "sniffing" RoCE traffic with ETH capture utility is not feasible for long periods.

Components

Packet Capture Utility is comprised of two components:

  • ConnectX-4 RDMA module sniffer:
    This component is part of the Native ConnectX-4 RDMA driver for ESX and resides in Kernel space.

  • RDMA management interface:
    User space utility which manages the ConnectX-4 Packet Capture Utility

Usage

  1. Installed the latest ConnectX-4 driver bundle.

  2. Make sure all Native nmlx5 drivers are loaded

    Copy
    Copied!
                

    esxcli system module list | grep nmlx nmlx5_core true true nmlx5_rdma true true

  3. Install the nmlxcli management tool (esxcli extension) using the supplied bundle
    MLNX-NATIVE-NMLXCLI_<version>.zip

    When the nmlxcli management tool is installed, the following esxli commands namespace is available:

    Copy
    Copied!
                

    # esxcli mellanox uplink sniffer

    This namespace allows user basic packet capture utility operations such as: query, enable or disable.
    Usage of the tool is shown by running one of the options below:

    Copy
    Copied!
                

    snifferesxcli mellanox uplink sniffer {cmd} [cmd options]

    Options:

    Copy
    Copied!
                

    disable Disable sniffer on specified uplink * Requires -u/--uplink-name parameter enable Enable sniffer on specified uplink * Requires -u/--uplink-name parameter query Query operational state of sniffer on specified uplink * Requires -u/--uplink-name parameter

  4. Determine the uplink device name.

    Copy
    Copied!
                

    Name PCI Device Driver Admin Status Link Status Speed Duplex MAC Address MTU Description ------ ------------ ---------- ------------ ----------- ------ ------ ----------------- ---- ------------------------------------------------------- vmnic4 0000:07:00.0 nmlx5_core Up Up 100000 Full 7c:fe:90:63:f2:d6 1500 Mellanox Technologies MT27700 Family [ConnectX-4] vmnic5 0000:07:00.1 nmlx5_core Up Up 100000 Full 7c:fe:90:63:f2:d7 1500 Mellanox Technologies MT27700 Family [ConnectX-4]

  5. Enable the packet capture utility for the required device(s).

    Copy
    Copied!
                

    esxcli mellanox uplink sniffer enable -u <vmnic_name>

  6. Use the ESX internal packet capture utility to capture the packets.

    Copy
    Copied!
                

    pktcap-uw --capture Drop --o <capture_file>

  7. Generate the RDMA traffic through the RDMA device.

  8. Stop the capture.

  9. Disable the packet capture utility.

    Copy
    Copied!
                

    esxcli mellanox uplink sniffer disable -u <vmnic_name>

  10. Query the packet capture utility.

    Copy
    Copied!
                

    esxcli mellanox uplink sniffer query -u <vmnic_name>

Limitations

  • Capture duration: Packet Capture Utility is a debug tool, meant to be used for bind failure diagnostics and short period packet sniffing. Running it for a long period of time with stress RDMA traffic will cause undefined behavior. Gaps in capture packets may appear.

  • Overhead: A significant performance decrease is expected when the tool is enabled:

    • The tool creates a dedicated QP and HW duplicates all RDMA traffic to this QP, before stripping the ETH headers.

    • The captured packets reported to ESX are duplicated by the network stack adding to the overhaul execution time

  • Drop capture point: The tool uses the VMK_PKTCAP_POINT_DROP to pass the captured traffic. Meaning whomever is viewing the captured file will see all RDMA capture in addition to all the dropped packets reported to the network stack.

  • ESX packet exhaustion: During the enable phase (/opt/mellanox/bin/ nmlx4_sniffer_mgmt-user -a vmrdma3 -e) the Kernel component allocates sniffer resources, and among these are the OS packets which are freed upon tool’s disable. Multiple consecutive enable/disable calls may cause temporary failures when the tool requests to allocate these packets. It is recommended to allow sufficient time between consecutive disable and enable to fix this issue.

Data Center Bridging (DCB) uses DCBX to exchange configuration information with directly connected peers. DCBX operations can be configured to set PFC or ETS values. DCB is enabled by default on the host side, you can choose between DCB modes using the dcbx module parameter. Example for setting the software mode:

Copy
Copied!
            

esxcli system module parameters set -m nmlx5_core -p dcbx=2

For hardware mode, you also need to make sure it is supported and enabled on the firmware by setting these values with mlxconfig tool:

  • LLDP_NB_DCBX = 1

  • Both: LLDP_NB_RX = 2 and LLDP_NB_TX_ = 2

  • At least one of: DCBX_IEEE = 1 or DCBX_CEE = 1

Example: /opt/mellanox/bin/mlxconfig -d 0000:05:00.0 set LLDP_NB_DCBX_P1=1

© Copyright 2023, NVIDIA. Last updated on Aug 31, 2023.