In Hyper-V server, we can combine one or more physical NICs to form a NIC teaming solution and attach it to the NetScaler VPX for bandwidth aggregation and traffic failover to prevent connectivity loss in the event of a network component failure.
This article explains the various load balancing algorithms and Citrix recommendation for some of the NetScaler feature deployed with Hyper-V NIC teaming.
Hyper-V NIC Teaming and Load Balancing Algorithms
Outbound traffic of NIC team can be distributed among the available links in 3 ways using the following load balancing algorithms:
- Hyper-V Port
- Dynamic
- Address hash
From the deployment guide of NIC teaming (https://gallery.technet.microsoft.com/windows-server-2012-r2-nic-85aa1318) it is important to note the following facts about each algorithms when used with switch independent NIC Teaming.
Hyper-V port mode
- Uses single NIC interface from the NIC Team for Ingress and egress traffic distribution of a VM.
- There is no Source MAC Address changes done by host, peer device always observe the packets from a single mac.
- This mode limits a single VM to the bandwidth available on single interface of the team.
Address Hash mode
- Creates a hash based on address components of the packet and then assigns packets that have that hash value to one of the available adapters.
- All special packets including ARP, NetScaler (IPv6 Neighbour Discovery Packets), and ICMP packets are sent on the primary team member.
- All traffic sent on NICs other than the primary team member are sent with the source MAC address modified to match the NIC on which they are sent.
- All traffic sent on the primary team member is sent with the original source MAC address (which may be the team’s source MAC address).
Dynamic mode
- Takes the best aspects of each of the other two modes and combines them into a single mode.
- Outbound loads are distributed based on a hash of the TCP Ports and IP addresses and it also rebalances loads in real time so that a given outbound flow may move back and forth between team members.
- Every VM is affinitized to a team member. All ARP/NetScaler packets are sent on the team member to which the port is affinitized.
- Packets sent on the team member that is the affinitized team member have no source MAC address replacement done.
- Packets sent on a team member other than the affinitized team member will have source MAC address replacement done.
Citrix Recommendation
Citrix recommends the underlying load-balancing mode to be Hyper-V port mode when switch Independent NIC teaming is deployed with NetScaler VPX for following features
- HA
- Cluster
- MAC Based Forwarding
- MAC mode VServers
- Forwarding Sessions configured
This is because Dynamic mode and Address hash mode does source MAC address replacement for the outbound traffic and the peer device receiving the packets sent out of the NIC team interfaces will receive the packets with source MAC of the NIC team interface instead of the sender machine MAC .