Multicast address is flooded among all ports when VMs placed under single ESXi host.
search cancel

Multicast address is flooded among all ports when VMs placed under single ESXi host.

book

Article ID: 376164

calendar_today

Updated On:

Products

VMware vSphere ESXi

Issue/Introduction

  • When VMs that use multicast application is placed under same ESXi host, it receives the non intended IGMP group data of it's neighbor VM.
  • When IGMP snooping is enabled the dVswitch is suppose to maintain the IGMP report and forward the data to VM only if  "IGMP group join request" is requested  however we could see the traffic similar to broadcast.
  • IGMP group 1 receives traffic of IGMP group 2 and vice versa.

  • The guest VM has set a "ALLMULTI' flag explicitly. 

    /net/portsets/DvsPortset-0/ports/67108954/> get status 
port {
   port index:90
   vnic index:0x00000001
   portCfg:
   dvPortId:5
   clientName:vm_name.eth1
   clientType: 5 -> VMM Virtual NIC
   clientSubType: 9 -> Vmxnet3 Client
   world leader:3161379
   flags: 0x40093 -> IN_USE ENABLED WORLD_ASSOC DVS_PORT CONNECTED
   Impl customized blocked flags:0x00000000
   Passthru status: 0x8 -> DISABLED_BY_HOST
   fixed Hw Id:00:50:56:##:##:##:
   ethFRP:frame routing {
      requested:filter {
         flags:0x0000000f
         unicastAddr:00:50:56:##:##:##:
         numMulticastAddresses:22
         multicastAddresses:##:##:##:00:00:01,##:##:##:00:00:fb,##:##:##:40:15:91,##:##:##:40:23:4a,##:##:##:40:23:65,##:##:##:40:23:66,##:##:##:40:23:6b,##:##:##:40:23:6c,##:##:##:40:23:71,##:##:##:40:23:72,##:##:##:40:23:77,##:##:##:40:23:78,##:##:##:40:2f:5f,##:##:##:40:2f:6b,##:##:##:40:2f:77,##:##:##:40:2f:83,##:##:##:40:ff:02,##:##:##:40:ff:03,##:##:##:40:ff:04,##:##:##:00:00:01,##:##:##:00:00:fb,##:##:##:97:84:0f,
         LADRF:[0]: 0x0 
         [1]: 0x0 
      }
      accepted:filter {
         flags:0x0000000f                   <==================
         unicastAddr:00:50:56:##:##:##:
         numMulticastAddresses:22
         multicastAddresses:##:##:##:00:00:01,##:##:##:00:00:fb,##:##:##:40:15:91,##:##:##:40:23:4a,##:##:##:40:23:65,##:##:##:40:23:66,##:##:##:40:23:6b,##:##:##:40:23:6c,##:##:##:40:23:71,##:##:##:40:23:72,##:##:##:40:23:77,##:##:##:40:23:78,##:##:##:40:2f:5f,##:##:##:40:2f:6b,##:##:##:40:2f:77,##:##:##:40:2f:83,##:##:##:40:ff:02,##:##:##:40:ff:03,##:##:##:40:ff:04,##:##:##:00:00:01,##:##:##:00:00:fb,##:##:##:97:84:0f,
         LADRF:[0]: 0x0 
         [1]: 0x0 
      }
   }
   filter supported features: 0 -> NONE
   filter properties: 0 -> NONE
   rx mode: 0 -> INLINE
   tune mode: 0 -> default
   fastpath switch ID:0xffffffff
   fastpath port ID:0xffffffff
}

Environment

ESXi 

 

Cause

 

   ETH_FILTER_UNICAST = 0x0001, // pass unicast (directed) frames
   ETH_FILTER_MULTICAST = 0x0002, // pass some multicast frames
   ETH_FILTER_ALLMULTI = 0x0004, // pass *all* multicast frames
   ETH_FILTER_BROADCAST = 0x0008, // pass broadcast frames
  ETH_FILTER_PROMISC = 0x0010, // pass all frames (i.e. no filter)

  • Since we can see there are 22 multicast address, and  it does not exceed the max limit of 32 multicast address which means it is requested explicitly by guest driver.
  • As this flags is set from guest, the ESX have no control.

 

Resolution

  • This is an expected behavior from dVswitch as guest is requesting for "ALLMULTI"
  • The user has to debug within the guest and/or application to identify why this flag is being sent.
Powered by Wolken Software