In previous post, we discussed about Security policies, MAC change and Forged transmit. With that covered, in this post, we will explore next switch policy which is Traffic Shaping policy. Traffic shaping policy allows ESXi host to shape the network traffic in both directions, Egress(Outbound) and Ingress (Inbound)***.
Ok, what does it mean by ‘shape the network traffic? Also, Why the use of ***?
Well, let’s look at first statement ‘shaping the traffic’ meaning in other words, this policy allows you to define limits in terms of Bandwidth usage and data size. About ***, it is to denote conditions apply. 🙂 Actually standard switch supports only Egress traffic shaping whereas DVS supports Egress as well as Ingress traffic shaping as shown in below images.
Standard Switch Portgroup:
As you can see in above images, there is only Egress or outbound traffic shaping configuration options available in standard switches, whereas DVS allows both Egress as well as Ingress.
A traffic shaping policy lets you configure average bandwidth, peak bandwidth, and burst size.
Average bandwidth basically means, bandwidth that is always available for traffic. You configure the number of bits per second (in kbps) to allow across a port, averaged over time.
Peak bandwidth represents max bandwidth (capping) that can be used for traffic in burst mode. This number in kbps, limits the bandwidth that a port uses when it is using burst mode bonus.
And lastly, burst size denotes max data size in KBytes/s that can be transferred with peak bandwidth.
This is best understood with an example.
Below is the simple scenario where I have two VMkernel ports namely vMotion and IP Storage on a virtual standard switch.
This switch has a single 1 gbps uplink. So basically I am sharing the uplink. Resource sharing always great but that does not mean one should create problems for other. Just for example, I really don’t want vMotion network to consume more bandwidth than required and ensure that IP Storage always has sufficient bandwidth available.
As shown in image, I want IP Storage VMkernel port to get more bandwidth than vMotion VMkernel port. So to achieve this, I will configure traffic shaping only on vMotion VMkernel port with peak bandwidth as 250 mbps and Average bandwidth of 200 mbps. Numbers used here for bandwidth are for example only, they do not represent standard or recommended configuration.
Be careful when you configure peak bandwidth and average bandwidth as speeds are in kbps so you will need to convert your speed in kbps. Missing a single digit while typing can create big performance issue.
You should not configure traffic shaping where you have to meet high demand (in my case, IP Storage) as these are limits. We are talking about capping the bandwidth, not allocating the bandwidth.
So what does it mean in above scenario?
Well, it simply means that vMotion will never go beyond 250 mbps but this speed is also not always available. It is available only in burst mode. However, it can always use upto average bandwidth of 200 mbps (as per demand, it can be less also).
On the other hand for IP Storage, it simply gets upto 750 mbps as always available bandwidth with the possibility to go beyond 750 Mbps when vMotion network is not in burst mode or not using its Average bandwidth.
So now it comes to understanding third component, burst size in burst mode. To understand this, we will need to do some mathematical calculations.
I am really a lazy person, I guess 🙂 specially at doing maths and don’t really want to go into converting big numbers from gbps or mbps into kbps. So I will use small numbers for calculations.
Let us understand these calculations. Actually to avoid complexity and keep easy and simple calculations, I have taken small numbers (in kbps already) as in image below.
As you can see in image above, Assume that I have configured 100 kbps as Peak Bandwidth and 50 kbps as Average bandwidth. Now in this example, let’s assume that vMotion network from my earlier scenario is configured with these values as an example here. So due to these settings, vMotion network will never go beyond 100 kbps. But As I mentioned earlier, this speed is available only in burst mode.
It can access its average bandwidth which is 50 kbps as and when required. Which also means, it is not necessary that vMotion will consume its average bandwidth every time, since it depends on demand.
So let’s say, as in image above, current usage is 30 kbps for last 20 seconds after which there is surge in demand due to new vMotion operation. In this case, it can always use upto 50 kbps, but can it go upto 100 kbps now in burst mode?
Burst mode is available if there are savings in past. Just like, if you save money, you can use it later when required.
Calculations are done with below formula
Burst Size = Bandwidth x Time,
Burst Size = 20 kbps x 20 Seconds
Burst Size = 400 KB
It means that, for upto 400 KB of data size, vMotion can use the Burst mode with 100 kbps. Once the data is consumed, it will drop to its Average speed even if your requirement is still there.
You can take another analogy to understand this. Let’s say, you have taken unlimited*** internet data plan of 100 GB data per month from your mobile operator where your operator guarantees higher speed of say 50 mbps, but once you consume your data size completely, you will drop to average minimum speed commitment, say 2 mbps.
I hope this explains concepts around traffic shaping.
Traffic shaping is nothing but setting up limits, so we are not talking about sharing the resource rather we are limiting it. So should be implemented as a last resort. If possible add enough resources and isolate traffics using other features such as vLAN, to avoid using traffic shaping.
If you are troubleshooting performance issues and not aware of these settings are configured, it may take longer to come around it. Traffic shaping is generally used to control the usage of network resources by the network traffics that have tendency to consume more than required (Bad players).
There are much better options to control network resources with NIOC than using traffic shaping. However, NIOC is available only with DVS.
That is all for this post. Check next one in this series on Network failure detection policy.