Ethernet Network
ConnectX®-4 onward adapter cards' ports can be individually configured to work as InfiniBand or Ethernet ports. The port type depends on the card type. In case of a VPI card, the default type is IB. If you wish to change the port type use the mlxconfig script.
To use a VPI card as an Ethernet only card, run:
/opt/mellanox/bin/mlxconfig -d /dev/mt4115_pciconf0 set LINK_TYPE_P1=2
LINK_TYPE_P2=2
The protocol types are:
Port Type 1 = IB
Port Type 2 = Ethernet
For further information on how to set the port type in ConnectX®-4 onwards, please refer to the MFT User Manual (www.mellanox.com → Products → Software → InfiniBand/VPI Software → MFT - Firmware Tools).
Wake-on-LAN (WoL) is applicable only to adapter cards that support this feature.
Wake-on-LAN (WoL) is a technology that allows a network professional to remotely power on a computer or to wake it up from sleep mode.
To enable WoL:
esxcli network nic set -n <nic name> -w g
or
set /net/pNics/<nic name>/wol g
To disable WoL:
vsish -e set /net/pNics/<nic name>/wol d
To verify configuration:
esxcli network nic get -n vmnic5 Advertised Auto Negotiation:
true
Advertised Link Modes: 10000baseT/Full, 40000baseT/Full, 100000baseT/Full, 100baseT/Full, 1000baseT/Full, 25000baseT/Full, 50000baseT/Full Auto Negotiation:false
Cable Type: DA Current Message Level: -1
Driver Info: Bus Info:0000
:82
:00
:1
Driver: nmlx5_core Firmware Version:12.20
.1010
Version:4.15
.10.3
Link Detected:true
Link Status: Up Name: vmnic5 PHYAddress:0
Pause Autonegotiate:false
Pause RX:false
Pause TX:false
Supported Ports: Supports Auto Negotiation:true
Supports Pause:false
Supports Wakeon:false
Transceiver: Wakeon: MagicPacket(tm)
For further information, see https://kb.vmware.com/s/article/1004089
The driver is set to auto-negotiate by default. However, the link speed can be forced to a specific link speed supported by ESXi using the following command:
esxcli network nic set -n <vmnic> -S <speed> -D <full, half>
Example:
esxcli network nic set -n vmnic4 -S 10000
-D full
Where:
<speed> can be one of the supported speeds that can be queried using: "esxcli network nic get -n vmnic1"
<vmnic> is the vmnic for the Mellanox card as provided by ESXi
<full, half> The duplex to set this NIC to. Acceptable values are: [full, half]
The driver can be reset to auto-negotiate using the following command:
esxcli network nic set -n <vmnic> -a
Example:
esxcli network nic set -n vmnic4 -a
where <vmnic> is the vmnic for the Mellanox card as provided by ESXi.
Priority Flow Control (PFC) IEEE 802.1Qbb applies pause functionality to specific classes of traffic on the Ethernet link. PFC can provide different levels of service to specific classes of Ethernet traffic (using IEEE 802.1p traffic classes).
When PFC is enabled, Global Pause will be operationally disabled, regardless of what is configured for the Global Pause Flow Control.
To configure PFC, do the following:
Enable PFC for specific priorities.
esxcfg-module nmlx5_core -s
"pfctx=0x08 pfcrx=0x08"
The parameters, “pfctx” (PFC TX) and “pfcrx” (PFC RX), are specified per host. If you have more than a single card on the server, all ports will be enabled with PFC (Global Pause will be disabled even if configured).
The value is a bitmap of 8 bits = 8 priorities. We recommend that you enable only lossless applications on a specific priority.
To run more than one flow type on the server, turn on only one priority (e.g. priority 3), which should be configured with the parameters "0x08" = 00001000b (binary). Only the 4th bit is on (starts with priority 0,1,2 and 3 -> 4th bit).
WarningThe values of “pfctx” and “pfcrx” must be identical.
Restart the host for changes to the module parameters to take effect.
reboot
Receive Side Scaling (RSS) technology allows spreading incoming traffic between different receive descriptor queues. Assigning each queue to different CPU cores allows better load balancing of the incoming traffic and improve performance.
Default Queue Receive Side Scaling (DRSS)
Default Queue RSS (DRSS) allows the user to configure multiple hardware queues backing up the default RX queue. DRSS improves performance for large scale multicast traffic between hypervisors and Virtual Machines interfaces.
To configure DRSS, use the 'DRSS' module parameter which replaces the previously advertised 'device_rss' module parameter ('device_rss' is now obsolete). The 'drss' module parameter and 'device_rss' are mutually exclusive
If the 'device_rss' module parameter is enabled, the following functionality will be configured:
The new Default Queue RSS mode will be triggered and all hardware RX rings will be utilized, similar to the previous 'device_rss' functionality
Module parameters 'DRSS' and 'RSS' will be ignored, thus the NetQ RSS, or the standard NetQ will be active
To query the 'DRSS' module parameter default, its minimal or maximal values, and restrictions, run a standard esxcli command.
For example:
#esxcli system module parameters list -m nmlx5_core
NetQ RSS
NetQ RSS is a new module parameter for ConnectX-4 adapter cards providing identical functionality as the ConnectX-3 module parameter 'num_rings_per_rss_queue'. The new module parameter allows the user to configure multiple hardware queues backing up the single RX queue. NetQ RSS improves vMotion performance and multiple streams of IPv4/IPv6 TCP/ UDP/IPSEC bandwidth over single interface between the Virtual Machines.
To configure NetQ RSS, use the 'RSS' module parameter. To query the 'RSS' module parameter default, its minimal or maximal values, and restrictions, run a standard esxcli command.
For example:
#esxcli system module parameters list -m nmlx5_core
Using NetQ RSS is preferred over the Default Queue RSS. Therefore, if both module parameters are set but the system lacks resources to support both, NetQ RSS will be used instead of DRSS.
Important Notes
If the 'DRSS' and 'RSS' module parameters set by the user cannot be enforced by the system due to lack of resources, the following actions are taken in a sequential order:
The system will attempt to provide the module parameters default values instead of the ones set by the user
The system will attempt to provide 'RSS' (NetQ RSS mode) default value. The Default Queue RSS will be disabled
The system will load with only standard NetQ queues
'DRSS' and 'RSS' parameters are disabled by default, and the system loads with standard NetQ mode
VXLAN/Geneve hardware offload enables the traditional offloads to be performed on the encapsulated traffic. With ConnectX® family adapter cards, data center operators can decouple the overlay network layer from the physical NIC performance, thus achieving native performance in the new network architecture.
Configuring Overlay Networking Stateless Hardware Offload
VXLAN/Geneve hardware offload includes:
TX: Calculates the Inner L3/L4 and the Outer L3 checksum
RX:
Checks the Inner L3/L4 and the Outer L3 checksum
Maps the VXLAN traffic to an RX queue according to:
Inner destination MAC address
Outer destination MAC address
VXLAN ID
VXLAN/Geneve hardware offload is enabled by default and its status cannot be changed.
VXLAN/Geneve configuration is done in the ESXi environment via VMware NSX manager. For additional NSX information, please refer to VMware documentation: http://pubs.vmware.com/NSX-62/index.jsp#com.vmware.nsx.install.doc/GUID-D8578F6E-A40C-493A-9B43-877C2B75ED52.html.
Packet Capture utility duplicates all traffic, including RoCE, in its raw Ethernet form (before stripping) to a dedicated "sniffing" QP, and then passes it to an ESX drop capture point.
It allows gathering of Ethernet and RoCE bidirectional traffic via pktcap-uw and viewing it using regular Ethernet tools, e.g. Wireshark.
By nature, RoCE traffic is much faster than ETH. Meaning there is a significant gap between RDMA traffic rate and Capture rate.
Therefore actual "sniffing" RoCE traffic with ETH capture utility is not feasible for long periods.
Components
Packet Capture Utility is comprised of two components:
ConnectX-4 RDMA module sniffer:
This component is part of the Native ConnectX-4 RDMA driver for ESX and resides in Kernel space.RDMA management interface:
User space utility which manages the ConnectX-4 Packet Capture Utility
Usage
Installed the latest ConnectX-4 driver bundle.
Make sure all Native nmlx5 drivers are loaded
esxcli system module list | grep nmlx nmlx5_core
true
true
nmlx5_rdmatrue
true
Install the nmlxcli management tool (esxcli extension) using the supplied bundle
MLNX-NATIVE-NMLXCLI_<version>.zipWhen the nmlxcli management tool is installed, the following esxli commands namespace is available:
# esxcli mellanox uplink sniffer
This namespace allows user basic packet capture utility operations such as: query, enable or disable.
Usage of the tool is shown by running one of the options below:snifferesxcli mellanox uplink sniffer {cmd} [cmd options]
Options:
disable Disable sniffer on specified uplink * Requires -u/--uplink-name parameter enable Enable sniffer on specified uplink * Requires -u/--uplink-name parameter query Query operational state of sniffer on specified uplink * Requires -u/--uplink-name parameter
Determine the uplink device name.
Name PCI Device Driver Admin Status Link Status Speed Duplex MAC Address MTU Description ------ ------------ ---------- ------------ ----------- ------ ------ ----------------- ---- ------------------------------------------------------- vmnic4
0000
:07
:00.0
nmlx5_core Up Up100000
Full 7c:fe:90
:63
:f2:d61500
Mellanox Technologies MT27700 Family [ConnectX-4
] vmnic50000
:07
:00.1
nmlx5_core Up Up100000
Full 7c:fe:90
:63
:f2:d71500
Mellanox Technologies MT27700 Family [ConnectX-4
]Enable the packet capture utility for the required device(s).
esxcli mellanox uplink sniffer enable -u <vmnic_name>
Use the ESX internal packet capture utility to capture the packets.
pktcap-uw --capture Drop --o <capture_file>
Generate the RDMA traffic through the RDMA device.
Stop the capture.
Disable the packet capture utility.
esxcli mellanox uplink sniffer disable -u <vmnic_name>
Query the packet capture utility.
esxcli mellanox uplink sniffer query -u <vmnic_name>
Limitations
Capture duration: Packet Capture Utility is a debug tool, meant to be used for bind failure diagnostics and short period packet sniffing. Running it for a long period of time with stress RDMA traffic will cause undefined behavior. Gaps in capture packets may appear.
Overhead: A significant performance decrease is expected when the tool is enabled:
The tool creates a dedicated QP and HW duplicates all RDMA traffic to this QP, before stripping the ETH headers.
The captured packets reported to ESX are duplicated by the network stack adding to the overhaul execution time
Drop capture point: The tool uses the VMK_PKTCAP_POINT_DROP to pass the captured traffic. Meaning whomever is viewing the captured file will see all RDMA capture in addition to all the dropped packets reported to the network stack.
ESX packet exhaustion: During the enable phase (/opt/mellanox/bin/ nmlx4_sniffer_mgmt-user -a vmrdma3 -e) the Kernel component allocates sniffer resources, and among these are the OS packets which are freed upon tool’s disable. Multiple consecutive enable/disable calls may cause temporary failures when the tool requests to allocate these packets. It is recommended to allow sufficient time between consecutive disable and enable to fix this issue.
Data Center Bridging (DCB) uses DCBX to exchange configuration information with directly connected peers. DCBX operations can be configured to set PFC or ETS values. DCB is enabled by default on the host side, you can choose between DCB modes using the dcbx module parameter. Example for setting the software mode:
esxcli system module parameters set -m nmlx5_core -p dcbx=2
For hardware mode, you also need to make sure it is supported and enabled on the firmware by setting these values with mlxconfig tool:
LLDP_NB_DCBX = 1
Both: LLDP_NB_RX = 2 and LLDP_NB_TX_ = 2
At least one of: DCBX_IEEE = 1 or DCBX_CEE = 1
Example: /opt/mellanox/bin/mlxconfig -d 0000:05:00.0 set LLDP_NB_DCBX_P1=1