Using non-default ports for VXLAN traffic causes packets to be dropped for pNics that do not support VXLAN offloading.
search cancel

Using non-default ports for VXLAN traffic causes packets to be dropped for pNics that do not support VXLAN offloading.

book

Article ID: 331419

calendar_today

Updated On:

Products

VMware vSphere ESXi

Issue/Introduction

Symptoms:
Using non-default ports for VXLAN traffic causes packets to be dropped for pNics that do not support VXLAN offloading.

Environment

VMware ESXi 6.7.x

Cause

By default, the vmxnet3 driver uses port 4789 when a VM uses ENS and port 8472 when ENS is not enabled. As a result, when an overlay tunnel is configured from a guest VM with different default VXLAN port, vmxnet3 might drop packets.

Resolution

This issue is resolved in this release:

VMware ESXi 6.7, Build Number: 18828794, (hardware versions later than 14)

Build Details

Download Filename:ESXi670-202111001.zip
Build:18828794
Download Size:478.2 MB
md5sum:faa7493ac44f766c307bfa1a92f2bc03
sha256checksum:92fb8d22d012c34195a39e6ccca2f123dfaf6db64fafcead131e9d71ccb2b146
Host Reboot Required:Yes
Virtual Machine Migration or Shutdown Required:Yes


The fix makes sure vmxnet3 delivers packets when a VM uses either of ports 4789 or 8472. However, the fix works only on VMs with version ESXi 6.7 and later, hardware versions later than 14, and if the overlay tunnel is configured from a guest VM.
 

GUEST UPSTREAM PATCHES:
Changes implemented by Linux kernel versions:

5.8

dacce2be33124df3c71f979ac47e3d6354a41125 ("vmxnet3: add geneve and vxlan tunnel offload support")




Workaround:
  • Using default ports for NSX and non-NSX case
  • Turning off offloading on vmxnet3 from Guest machine
  • Upgrading pNic that supports offloading on hardware
  • If hardware cannot support more than one VXLAN port, only use default ports for VXLAN traffic.


Additional Information

Impact/Risks:
  • Customer will not having a working vxlan tunnel created inside a VM towards any outside box
  • As the workaround involves setting vmxnet3 offload off, customer will see performance penalty which can be averted by the performance enhancement of the offloading
STEPS TO REPRODUCE
Using non-default destination ports for VXLAN traffic when offloading is enabled.

Powered by Wolken Software