Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us $3,400 per month for bandwidth bills alone, and since we don't believe in shoving popup ads to our registered users, we try to make the money back through forum registrations.
«283 »
  • Post
  • Reply
BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles



BangersInMyKnickers posted:

Been putting these Qlogic replacement nics through their paces and they seem to be holding up but one of the things I noticed was the out of box Rx buffer size was 512KB with a max of 4MB. Some amount of FIFO Rx errors so I'm playing around with the idea of increasing the buffer size but I'm not sure if there is a drawback similar to running deep queue depths on your storage adapters where latency can snowball on you. Maybe only increment it up to 1024KB?

code:
 esxcli network nic stats get -n vmnic0

NIC statistics for vmnic0
   Packets received: 293900719219
   Packets sent: 1688347185
   Bytes received: 1669266739098
   Bytes sent: 1863377034903
   Receive packets dropped: 0
   Transmit packets dropped: 0
   Multicast packets received: 962616
   Broadcast packets received: 0
   Multicast packets sent: 0
   Broadcast packets sent: 0
   Total receive errors: 53143
   Receive length errors: 0
   Receive over errors: 0
   Receive CRC errors: 0
   Receive frame errors: 0
   Receive FIFO errors: 53143
   Receive missed errors: 0
   Total transmit errors: 0
   Transmit aborted errors: 0
   Transmit carrier errors: 0
   Transmit FIFO errors: 0
   Transmit heartbeat errors: 0
   Transmit window errors: 0



ethtool -g vmnic0

Ring parameters for vmnic0:
Pre-set maximums:
RX:             4078
RX Mini:        0
RX Jumbo:       0
TX:             4078
Current hardware settings:
RX:             512
RX Mini:        0
RX Jumbo:       0
TX:             4078
The X710's default to 512KB for both Tx and Rx buffers and I've never seen them throwing FIFO error counts, though they were so busy making GBS threads the bed under any kind of load that they may have never gotten the opportunity to get to that point.

Bulk of the FIFO Rx errors ended up being from the other Intel X710s still in the cluster completely ignoring pause frames and flooding the receiving host with vMotion traffic. Once they were all replaced with the Qlogics it improved and at worst I saw about 30k as the host came out of maintenance mode and it was not consistently repeatable. The X710s were throwing 50k-1.5mil errors logged inside a minute while under heavy vMotion traffic. UNFORTUNATELY, these things are dogshit slow. Under high priority vMotion I'm barely able to crack 5gbps on the link while the Intels were hitting 8-9 under normal vMotion (while being extremely unstable). The Qlogics refusing to use the native driver and instead sticking to the linux emulated one so I assume that's at least part of the problem, but I'm not holding my breath for VMware support to get their act together and fix that problem anytime soon.

Qlogic: Tolerably lovely™

e: lol the Qlogics are straight-up lying and saying they are receiving twice the volume of traffic that they really are. Nobody in this industry knows what they are doing.

BangersInMyKnickers fucked around with this message at Jan 25, 2017 around 21:41

Adbot
ADBOT LOVES YOU

Wicaeed
Feb 8, 2005


I'm trying out the new PowerCLI 6.5 release and have so far had 0 luck getting it to even try and connect to our vCenter 6.0u2 environment.

The only information I've been able to gather so far is the following error message:

code:
VERBOSE: Attempting to connect using SSPI
VERBOSE: Could not establish secure channel for SSL/TLS with authority 'vcenter.domain.com'.
VERBOSE: Connect using SSPI was unsuccessful
VERBOSE: Could not establish secure channel for SSL/TLS with authority 'vcenter.domain.com'.

Even after passing the vCenter Administrator username and pasword in domain/username format, I'm left with the error message:

code:
VERBOSE: Could not establish secure channel for SSL/TLS with authority 'vcenter.domain.com'.


The vCenter server has a cert signed by our Root CA that is trusted, and I've also gone so far as to import the vCenter cert manually and trusted it, but have had no further luck.

I am aware of the known issue mentioned in the 6.5R1 release notes regarding vCenter not being able to authenticate using Kerberos (VMware PowerCLI Release Notes), however that doesn't appear to be the issue here since I'm using the local administrator account/

I've seen 0 information on Google regarding this issue, an IRC has been of 0 help.

What's going on here!??!

anthonypants
May 6, 2007

by Nyc_Tattoo


Dinosaur Gum

Wicaeed posted:

I'm trying out the new PowerCLI 6.5 release and have so far had 0 luck getting it to even try and connect to our vCenter 6.0u2 environment.

The only information I've been able to gather so far is the following error message:

code:
VERBOSE: Attempting to connect using SSPI
VERBOSE: Could not establish secure channel for SSL/TLS with authority 'vcenter.domain.com'.
VERBOSE: Connect using SSPI was unsuccessful
VERBOSE: Could not establish secure channel for SSL/TLS with authority 'vcenter.domain.com'.

Even after passing the vCenter Administrator username and pasword in domain/username format, I'm left with the error message:

code:
VERBOSE: Could not establish secure channel for SSL/TLS with authority 'vcenter.domain.com'.


The vCenter server has a cert signed by our Root CA that is trusted, and I've also gone so far as to import the vCenter cert manually and trusted it, but have had no further luck.

I am aware of the known issue mentioned in the 6.5R1 release notes regarding vCenter not being able to authenticate using Kerberos (VMware PowerCLI Release Notes), however that doesn't appear to be the issue here since I'm using the local administrator account/

I've seen 0 information on Google regarding this issue, an IRC has been of 0 help.

What's going on here!??!
Are you doing something more complicated than Connect-VIServer SERVERNAME -Credential (Get-Credential)

Wicaeed
Feb 8, 2005


Nope.

Apparently there's some funkiness regarding Windows SSPI and the new version of PowerCLI, because 6.3 works fine for me, but I can see that it does a little more in the auth attempt:

code:
VERBOSE: Attempting to connect using SSPI 
VERBOSE: Reversely resolved 'vcenter.domain.com' to 'vcenter.domain.com'
VERBOSE: SSPI Kerberos: Acquired credentials for user 'domain\thefuckingadmin'
VERBOSE: SSPI Kerberos: InitializeSecurityContext failed for target 'host/vcenter.domain.com'. Error code: 0x80090303
VERBOSE: Connect using SSPI was unsuccessful

Name                           Port  User                          
----                           ----  ----                          
vcenter.domain.com          443   DOMAIN.COM\thefuckingadmin
Whereas, even as the local administrator of vCenter I can't auth in 6.5, as well as tells me dick all as to what went wrong

code:
Connect-VIServer -Server vcenter.domain.com -Username vsphere.local\Administrator -Password 'itscomplextrustme'  -Verbose
VERBOSE: Could not establish secure channel for SSL/TLS with authority 'vcenter.domain.com'

anthonypants
May 6, 2007

by Nyc_Tattoo


Dinosaur Gum

Wicaeed posted:

Nope.

Apparently there's some funkiness regarding Windows SSPI and the new version of PowerCLI, because 6.3 works fine for me, but I can see that it does a little more in the auth attempt:

code:
VERBOSE: Attempting to connect using SSPI 
VERBOSE: Reversely resolved 'vcenter.domain.com' to 'vcenter.domain.com'
VERBOSE: SSPI Kerberos: Acquired credentials for user 'domain\thefuckingadmin'
VERBOSE: SSPI Kerberos: InitializeSecurityContext failed for target 'host/vcenter.domain.com'. Error code: 0x80090303
VERBOSE: Connect using SSPI was unsuccessful

Name                           Port  User                          
----                           ----  ----                          
vcenter.domain.com          443   DOMAIN.COM\thefuckingadmin
Whereas, even as the local administrator of vCenter I can't auth in 6.5, as well as tells me dick all as to what went wrong

code:
Connect-VIServer -Server vcenter.domain.com -Username vsphere.local\Administrator -Password 'itscomplextrustme'  -Verbose
VERBOSE: Could not establish secure channel for SSL/TLS with authority 'vcenter.domain.com'
Have you tried using Get-Credential instead of passing the username/password on the commandline

Do you get similar errors as these in your vpxd logs https://kb.vmware.com/selfservice/m...ernalId=2050701

YOLOsubmarine
Oct 19, 2004

When asked which Pokemon he evolved into, Kamara pauses.

"Motherfucking, what's that big dragon shit? That orange motherfucker. Charizard."


Wicaeed posted:

I'm trying out the new PowerCLI 6.5 release and have so far had 0 luck getting it to even try and connect to our vCenter 6.0u2 environment.

The only information I've been able to gather so far is the following error message:

code:
VERBOSE: Attempting to connect using SSPI
VERBOSE: Could not establish secure channel for SSL/TLS with authority 'vcenter.domain.com'.
VERBOSE: Connect using SSPI was unsuccessful
VERBOSE: Could not establish secure channel for SSL/TLS with authority 'vcenter.domain.com'.

Even after passing the vCenter Administrator username and pasword in domain/username format, I'm left with the error message:

code:
VERBOSE: Could not establish secure channel for SSL/TLS with authority 'vcenter.domain.com'.


The vCenter server has a cert signed by our Root CA that is trusted, and I've also gone so far as to import the vCenter cert manually and trusted it, but have had no further luck.

I am aware of the known issue mentioned in the 6.5R1 release notes regarding vCenter not being able to authenticate using Kerberos (VMware PowerCLI Release Notes), however that doesn't appear to be the issue here since I'm using the local administrator account/

I've seen 0 information on Google regarding this issue, an IRC has been of 0 help.

What's going on here!??!

What is the key length of the server cert?

Pile Of Garbage
May 28, 2007

The poster formerly known as piss cheese-cube.





Wicaeed posted:

I'm trying out the new PowerCLI 6.5 release and have so far had 0 luck getting it to even try and connect to our vCenter 6.0u2 environment.

The only information I've been able to gather so far is the following error message:

code:
VERBOSE: Attempting to connect using SSPI
VERBOSE: Could not establish secure channel for SSL/TLS with authority 'vcenter.domain.com'.
VERBOSE: Connect using SSPI was unsuccessful
VERBOSE: Could not establish secure channel for SSL/TLS with authority 'vcenter.domain.com'.

Even after passing the vCenter Administrator username and pasword in domain/username format, I'm left with the error message:

code:
VERBOSE: Could not establish secure channel for SSL/TLS with authority 'vcenter.domain.com'.


The vCenter server has a cert signed by our Root CA that is trusted, and I've also gone so far as to import the vCenter cert manually and trusted it, but have had no further luck.

I am aware of the known issue mentioned in the 6.5R1 release notes regarding vCenter not being able to authenticate using Kerberos (VMware PowerCLI Release Notes), however that doesn't appear to be the issue here since I'm using the local administrator account/

I've seen 0 information on Google regarding this issue, an IRC has been of 0 help.

What's going on here!??!

I'm having the same issue with PowerCLI 6.3 Release 1 on a Windows Server 2008 R2 machine. Completely refuses to connect to any vCenter instances (5.5 and 6.0). Annoyingly the same version is working fine on a Server 2012 R2 machine. Admittedly I've been too lazy to troubleshoot.

Thanks Ants
May 21, 2004

Bless You Ants, Blants



Fun Shoe

Taking a stab in the dark here, but does 2008 and 2012 use different ciphers by default and there's an issue negotiating which ones to use?

Pile Of Garbage
May 28, 2007

The poster formerly known as piss cheese-cube.





I compared SCHANNEL config between the two, identical as one would expect given that Microsoft doesn't like taking the affirmative and disabling dodgy algos. For a test I reset the SCHANNEL config on the 2K8 R2 box to default and the issue persisted.

I'm thinking there's something screwy in a DLL or maybe registry entry for PowerCLI on the 2K8 R2 server as it's affecting connections to any vCenter instance in our environment (One 6.0 instance and five 5.5 instances).

BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles



Thanks Ants posted:

Taking a stab in the dark here, but does 2008 and 2012 use different ciphers by default and there's an issue negotiating which ones to use?

Out of box they have a ton of cipher overlap, TLS1.0-1.2, 3DES, AES128/256CBC along with every flavor of RSA/ECDHE should be able to negotiate between them

poverty goat
Feb 15, 2004



I'm playing with esxi 6.5 at home on an old HP workstation I picked up on the cheap, and I've currently got a freeNAS vm with a LSI SAS card passed through to it and it all seems to be working great. I've got another 7tb of drives in a standalone freenas machine that I'm tempted to move over so I can repurpose the other physical machine, but this is my first foray into esxi or passthrough and I don't know how worried I should be about loving it up and losing all the data. None of the data is mission critical or irreplaceable or anything but the last thing I want to do is have to replace my 5tb collection of linux isos. Any tips?

evil_bunnY
Apr 2, 2003



Buy a single 6TB drive and an online backup subscription?

Internet Explorer
Jun 1, 2005



Oven Wrangler

Yeah, you should be backing it up anyways. Most people can't backup 5+ TB over their Internet connection, so I think the single drive thing makes sense. Stick it in your workstation, make sure your day to day account doesn't have write access, and set up a backup from your ESXi box to your workstation. Should be good enough.

mewse
May 2, 2006



With VMWare horizon - Anyone have any insight on disabling thinprint services on the virtual desktop side? We used to stop and disable the two TP services but that doesn't seem to be sticking anymore with the new client builds.

GobiasIndustries
Dec 14, 2007



Lipstick Apathy

Anyone have experience with android-x86? I downloaded the latest version (6.0 r-1) and the Live CD seems to work but when I try to install it just sits at the android loading screen indefinitely (WMWare Fusion on OSX)

mewse
May 2, 2006



GobiasIndustries posted:

Anyone have experience with android-x86? I downloaded the latest version (6.0 r-1) and the Live CD seems to work but when I try to install it just sits at the android loading screen indefinitely (WMWare Fusion on OSX)

Haven't worked with it personally but just from poking around on the website:

quote:

Issues

VMware

You have to change your virtual disk type to be IDE because the default type in VMware is SCSI, and Android-x86 kernel is not configured to support SCSI. You can follow these steps:
Create a virtual machine.
Edit virtual machine settings after the virtual machine created.
Choose the hard disk and remove it.
Add a hard disk to create a new virtual disk, then you can choose IDE as your virtual disk type.
When finished, you can install android-x86 normally.

GobiasIndustries
Dec 14, 2007



Lipstick Apathy

mewse posted:

Haven't worked with it personally but just from poking around on the website:

It looks like the default is IDE. Regardless, I followed those instructions and the same thing happened, only now the android loading screen is blinking.

GobiasIndustries
Dec 14, 2007



Lipstick Apathy

GobiasIndustries posted:

Anyone have experience with android-x86? I downloaded the latest version (6.0 r-1) and the Live CD seems to work but when I try to install it just sits at the android loading screen indefinitely (WMWare Fusion on OSX)

Hey guess what, I'm an idiot! I completely forgot to check out the display settings for the VM in Fusion and 3d acceleration was not enabled and it turns out that is just a bit important to actually booting android I have no idea why I could boot the live cd but could never get to a gui setup screen after installing but hey, problem 1 solved!

BangersInMyKnickers
Nov 3, 2004

I have a thing for courageous dongles



I think my journey of Horrible 10gigE Interfaces is finally coming to an end. The X710's continue to spew errors all over the place and throw RX errors and no resolution is in sight for getting the native driver to work with NetApp hardware. The Qlogic 10gig quad port card could only pull 3-4gig at 1500mtu but could hit line speed on jumbo frames (the X710 is at least rated to do line speed on 64byte frames) so that was unacceptable but it turns out 6.x is shipping with the qfle3 native driver disabled.

https://kb.vmware.com/selfservice/m...ernalId=2147565

Turned it on, boom, line speed on 1500mtu and none of the errors of the Intel.

MF_James
May 8, 2008
I CANNOT HANDLE BEING CALLED OUT ON MY DUMBASS OPINIONS ABOUT ANTI-VIRUS AND SECURITY. I REALLY LIKE TO THINK THAT I KNOW THINGS HERE

INSTEAD I AM GOING TO WHINE ABOUT IT IN OTHER THREADS SO MY OPINION CAN FEEL VALIDATED IN AN ECHO CHAMBER I LIKE


Having my first foray into managing a vmware environment as a whole instead of just spinning up test machines and easy stuff like that.

We're currently running 5.5, from what I can tell (I didn't implement the systems and our documentation is... non-existent) we only have ESXi 5.5 on 3 hosts and then vSphere client 5.5, vmware tools and VMware Client Integration Plug-in 5.6.0 installed on a windows machine. We're running into a known issue with 5.5 where VMs will randomly become non-responsive from a network perspective and the only solution is to reboot the machine. So far the issue hasn't been too awful, only 3 VMs in the past 4ish months that have each done it 1 time, but after researching I've seen that it can get much worse. Looks like a patch was released shortly after we prepped the hosts in August, we're only a build from Feb.

Basically, I'm looking to patch this stuff and I just want a sanity check. I've checked here: https://kb.vmware.com/selfservice/m...ernalId=2057795 for the recommended patch/upgrade steps.

It seems as though I should upgrade ESXi on the 3 hosts and then upgrade the vmware tools. It seems like the vSphere client does not need to be patched, and I'm unsure about the plug-in, but I'm going to guess the plug-in doesn't need updated?

The patch I'm looking at applying is: https://kb.vmware.com/selfservice/s...ernalId=2144361 - VMware ESXi 5.5, Patch ESXi550-201608401-BG: Updates esx-base (2144361)

We are currently on this version of ESXi: ESXi 5.5 Express Patch 10 2016-02-22 3568722


Overall this doesn't seem much worse than Hyper-V which is what I'm used to, but I want to make sure I'm not missing something right out of the gate.

MF_James fucked around with this message at Feb 27, 2017 around 20:48

Thanks Ants
May 21, 2004

Bless You Ants, Blants



Fun Shoe

Presumably you have vCenter as well somewhere in the mix?

MF_James
May 8, 2008
I CANNOT HANDLE BEING CALLED OUT ON MY DUMBASS OPINIONS ABOUT ANTI-VIRUS AND SECURITY. I REALLY LIKE TO THINK THAT I KNOW THINGS HERE

INSTEAD I AM GOING TO WHINE ABOUT IT IN OTHER THREADS SO MY OPINION CAN FEEL VALIDATED IN AN ECHO CHAMBER I LIKE


Thanks Ants posted:

Presumably you have vCenter as well somewhere in the mix?

I am assuming yes, trying to find out where it lives, I've asked our guys that did the implementation, just awaiting a response. I guess I forgot to add that in, but it gets updated PRIOR to ESXi, so it would be the first thing to get updated, then the 3 hosts, then vmware tools, and lastly the client if it even needs a patch. I don't think the vsphere client or the plug-in need patching as I haven't found anything for them, perhaps only with major version changes?


Found that vcenter is a linux VM, I forget what the term is, but we aren't monitoring it so that's why I couldn't find it anywhere.

MF_James fucked around with this message at Feb 27, 2017 around 21:45

Thanks Ants
May 21, 2004

Bless You Ants, Blants



Fun Shoe

VCSA? You'll need to upgrade that along with the hosts to be able to manage them.

Edit: I see you know that. VMware tools will nag you to update on the VMs once it's out of date, it's a pretty simple thing to do though.

YOLOsubmarine
Oct 19, 2004

When asked which Pokemon he evolved into, Kamara pauses.

"Motherfucking, what's that big dragon shit? That orange motherfucker. Charizard."


You need to know if there are any plugins registered in VCenter or other systems that use VCenter that may need to be updated concurrently with the VCenter updates. Things like update manager, storage management plugins, SRM, etc....

MF_James
May 8, 2008
I CANNOT HANDLE BEING CALLED OUT ON MY DUMBASS OPINIONS ABOUT ANTI-VIRUS AND SECURITY. I REALLY LIKE TO THINK THAT I KNOW THINGS HERE

INSTEAD I AM GOING TO WHINE ABOUT IT IN OTHER THREADS SO MY OPINION CAN FEEL VALIDATED IN AN ECHO CHAMBER I LIKE


Yeah it appears we don't have a lot of bells and whistles installed, finally talked to our architect and we've got:

1) vCenter appliance
2) 3 ESXi hosts
3) VMWare tools on all VMs
4) vSphere client
5) VMware Client Integration Plug-in

I believe 4 and 5 do not need to have anything done to them, although I'm going to do more digging, so it will be patching/updating the other stuff in the order listed.

Thank you for mentioning plug-ins we do have some that show up in vCenter, so it's possible those will need updated as well!

MF_James fucked around with this message at Feb 27, 2017 around 23:13

Smashing Link
Jul 8, 2003

I'll keep chucking bombs at you til you fall off that ledge!

Grimey Drawer

Are any of you all familiar with Ravello? They offer a service that can host ESXi in the cloud on Amazon and Google. Would it be feasible to get mac OS Sierra running on this kind of platform and then be able to access it through a reasonably well-powered Chromebook?

Maneki Neko
Oct 27, 2000



Smashing Link posted:

Are any of you all familiar with Ravello? They offer a service that can host ESXi in the cloud on Amazon and Google. Would it be feasible to get mac OS Sierra running on this kind of platform and then be able to access it through a reasonably well-powered Chromebook?

Maybe feasible, not legal.

YOLOsubmarine
Oct 19, 2004

When asked which Pokemon he evolved into, Kamara pauses.

"Motherfucking, what's that big dragon shit? That orange motherfucker. Charizard."


Smashing Link posted:

Are any of you all familiar with Ravello? They offer a service that can host ESXi in the cloud on Amazon and Google. Would it be feasible to get mac OS Sierra running on this kind of platform and then be able to access it through a reasonably well-powered Chromebook?

Sure, you can get Sierra running on ESX with enough trouble so it will work on Ravello too.

Thanks Ants
May 21, 2004

Bless You Ants, Blants



Fun Shoe

Everything's gone a bit quiet on the vSphere on AWS front - I assume there's a billion NDAs in place and it will launch when it's done, as opposed to the idea being canned.

Smashing Link
Jul 8, 2003

I'll keep chucking bombs at you til you fall off that ledge!

Grimey Drawer

Maneki Neko posted:

Maybe feasible, not legal.

big money big clit posted:

Sure, you can get Sierra running on ESX with enough trouble so it will work on Ravello too.

I was wondering because there are a number of HowTos on getting Sierra to it to run on NUCs with ESXi and this seems like a logical extension. Is the legal issue about having the hypervisor only run on Apple hardware? I wouldn't want to put anything on a big cloud service that is illegal...home lab is a different matter.

anthonypants
May 6, 2007

by Nyc_Tattoo


Dinosaur Gum

Smashing Link posted:

I was wondering because there are a number of HowTos on getting Sierra to it to run on NUCs with ESXi and this seems like a logical extension. Is the legal issue about having the hypervisor only run on Apple hardware? I wouldn't want to put anything on a big cloud service that is illegal...home lab is a different matter.
Yeah, the lack of Apple hardware is why it wouldn't be legal.

YOLOsubmarine
Oct 19, 2004

When asked which Pokemon he evolved into, Kamara pauses.

"Motherfucking, what's that big dragon shit? That orange motherfucker. Charizard."


Thanks Ants posted:

Everything's gone a bit quiet on the vSphere on AWS front - I assume there's a billion NDAs in place and it will launch when it's done, as opposed to the idea being canned.

The cross cloud initiatives are still happening. They can't really afford not to pursue it, it's he only way VMWare stays relevant long term.

In the meantime you can already run ESXi in the cloud on Ravello.

Buttcoin purse
Apr 24, 2014

THIS DUDE HERE IS A REAL CLOWN


BangersInMyKnickers posted:

I think my journey of Horrible 10gigE Interfaces is finally coming to an end. The X710's continue to spew errors all over the place and throw RX errors and no resolution is in sight for getting the native driver to work with NetApp hardware. The Qlogic 10gig quad port card could only pull 3-4gig at 1500mtu but could hit line speed on jumbo frames (the X710 is at least rated to do line speed on 64byte frames) so that was unacceptable but it turns out 6.x is shipping with the qfle3 native driver disabled.

https://kb.vmware.com/selfservice/m...ernalId=2147565

Turned it on, boom, line speed on 1500mtu and none of the errors of the Intel.

Apologies if this is a stupid question, but is there something wrong with jumbo frames, or is it just that you don't want to only get line speed on jumbo frames because you figure lots of your VM's I/Os won't actually be that big anyway?

Vulture Culture
Jul 14, 2003

I was never enjoying it. I only eat it for the nutrients.


Buttcoin purse posted:

Apologies if this is a stupid question, but is there something wrong with jumbo frames, or is it just that you don't want to only get line speed on jumbo frames because you figure lots of your VM's I/Os won't actually be that big anyway?
Speaking only for myself here: jumbo frames are worthless for pretty much any cases where you're routing packets over an infrastructure you don't own (i.e. anything Internet-facing that pushes large amounts of traffic).

Internet Explorer
Jun 1, 2005



Oven Wrangler

I generally don't go the Jumbo Frames route. In smaller shops the performance benefits for their workloads are not worth the added complexity. I think it should be "try without, add later if needed" unless you have a workload that you know for a fact will see a big performance bump or are in an environment where you have dedicated virtualization or storage admins.

adorai
Nov 2, 2002

10/27/04 Never forget

Grimey Drawer

In my experience the gain from jumbo frames is greatly outweighed by the chance of making a mistake. I only increase mtu when required for some kind of encapsulation.

YOLOsubmarine
Oct 19, 2004

When asked which Pokemon he evolved into, Kamara pauses.

"Motherfucking, what's that big dragon shit? That orange motherfucker. Charizard."


The benefits of jumbo frames are usually about the reduction in CPU overhead on the switches and endpoints due to less packet processing. It makes sense for high throughout connections where you control the entire data path, like storage traffic, or a cluster back end. Not usually for front end host traffic.

evil_bunnY
Apr 2, 2003



big money big clit posted:

Sure, you can get Sierra running on ESX with enough trouble so it will work on Ravello too.
Unless they've changed the licensing you can only ever run OS X on apple iron.

YOLOsubmarine
Oct 19, 2004

When asked which Pokemon he evolved into, Kamara pauses.

"Motherfucking, what's that big dragon shit? That orange motherfucker. Charizard."


evil_bunnY posted:

Unless they've changed the licensing you can only ever run OS X on apple iron.

I didn't say it was legal or recommended, just technically possible.

Adbot
ADBOT LOVES YOU

Pile Of Garbage
May 28, 2007

The poster formerly known as piss cheese-cube.





adorai posted:

In my experience the gain from jumbo frames is greatly outweighed by the chance of making a mistake. I only increase mtu when required for some kind of encapsulation.

A couple of years ago I watched a big honkin' Cisco 6509 grind to a halt because someone forgot to enable jumbos on a VLAN which was handling storage traffic. Things were fine for about a week until the weekend when big backup jobs kicked off. CPU usage on the 6K started creeping up over the course of about 12 hours until it pegged at 100% and the whole unit just started dropping packets. One of my colleagues had to physically attend the DC to console in and un-gently caress it.

Good times.

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply
«283 »