Cloud Pod Architecture and Cisco Nexus 1000v Bug

A customer I worked with owns two vBLOCKS between two datacenters.  They run Nexus 1000v for the virtual networking component. They deployed VDI and when we enabled cloud pod architecture the Global data replication worked great, however all of our connection servers in the remote pod would show red or offline. I found that we could not telnet to the internal pod or remote pod connection servers over port 8472.  All other ports we were good on. VMware Support confirmed this issue is with the Nexus 1000v and found that there was a bug in the N1kv and a TCP Checksum Offload.

 

The specific ports in question are the following:

VMware View Port 8472 – The View Interpod API (VIPA) interpod communication channel runs on this port. View Connection Server instances use the VIPA interpod communication channel to launch new desktops, find existing desktops, and share health status data and other information.

Cisco Nexus 1000V Port 8472 – VXLAN

 

Cisco has a bug report posted about 8472 being dropped at the VEM for N1kV:

https://tools.cisco.com/quickview/bug/CSCup55389

 

The bug mentions TCP Checksum being the root cause and offloading only 8472 packets. If removing the N1KV isn’t an option, you can disable TCP Offloading.

Disable TCP Offloading

  1. In the Windows server, open the Control Panel and select Network Settings > Change Adapter Settings.

a

Right-click on each of the adapters (private and public), select Configure from the Networking menu, and then click the Advanced tab. The TCP offload settings are listed for the Citrix adapter.

b

I recommend applying the following:

  • IPv4 Checksum Offload
  • Large Receive Offload (was not present for our vmxnet3 advanced configuration)
  • Large Send Offload
  • TCP Checksum Offload

 

You would need to do this on each of the VMXnet3 Adapters on each connection server at both datacenters. Once disabled (it did cause nic to blip), we were able to Telnet between the datacenters on port 8472 again.

 

After making these adjustments you should be able to login to the View Admin portal and see all greens for remote connection servers. I have tested this and validated it and it works as intended. For more information I recommend you read VMware KB 2055140.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: