VMware Workstation flooding network
I discovered a problem with virtual machines and traffic being broadcast out all switches and switch ports. Any traffic sent from the host machine to its guest machine was broadcast out *all* ports on *all* switches in the subnet.
The VMware Forums have detailed the reason for this problem, but I will summarize.
VMware has a limitation (reportedly due to a kernel limitation) in which traffic from the host to a bridged guest is put on the wire, while traffic from the guest to the host is delivered internally and never reaches the wire. This asymmetry is what causes the flooding.
When a guest sends little traffic to anything other than its host, its entry in the connected switch's MAC address table may age out and be removed. A switch handles a frame addressed to a MAC it has no entry for the way a hub would: it floods the frame out every other port in the VLAN to find the right interface. Normally this is harmless, because the next frame *from* that MAC makes the switch relearn the entry. In the host <-> guest case, however, the frames the guest generates never reach the wire, so the entry is never relearned, and every host-generated frame keeps being flooded *everywhere*.
Solutions:
* Patch the vmnet kernel module on the host as described in the forum posting. The patch causes guest -> host traffic to be put on the wire as well, which removes the lopsided behaviour but adds traffic on the link to the switch.
* Statically add the guest's MAC address to the table of the connected switch. This keeps host -> guest traffic from going beyond the connected switch and adds no packets to the wire, but it is extra switch maintenance (the entry has to be updated whenever the guest moves or its MAC changes).
* Have the guest send something that leaves the host at least once every 5 minutes (300 seconds, the usual default aging time). Few additional packets, and no switch maintenance. Installing ntpd on the guest to synchronize its clock is an easy way to do this, with one caveat: once synchronized, ntpd backs off to a default maximum poll interval of 1024 seconds (about 17 minutes), which is longer than the aging time, so cap it (for example maxpoll 8, i.e. 256 seconds, on the server line in ntp.conf) or the entry will still age out between polls.
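As an added example (not code from the original post, the VMware forums or VMware itself), the following Python simulation models a learning switch with an aging MAC table and replays the host <-> guest exchange several ways: unpatched, with the vmnet patch, with a static entry, and with a periodic keepalive that is faster or slower than the aging time. It assumes bridged networking, so the host NIC and the guest share one physical switch port; the MAC addresses, port numbers, the 10-second host-to-guest traffic interval and the 300-second aging time are all constructed for the demo. Each run returns how many host -> guest frames the switch had to flood.

```python
"""Toy learning switch reproducing VMware host->guest unknown-unicast flooding.

Added example; addresses, ports, intervals and the 300 s aging time are
constructed for the simulation (300 s is a common switch default).
"""
from dataclasses import dataclass

AGING_TIME = 300  # seconds; default mac-address-table aging-time on many switches


@dataclass
class Frame:
    src: str
    dst: str
    in_port: int  # switch port the frame arrived on


class LearningSwitch:
    """Minimal transparent bridge: learn source MACs, age them out,
    flood unknown-unicast destinations out every other port."""

    def __init__(self, ports, aging_time=AGING_TIME):
        self.ports = list(ports)
        self.aging_time = aging_time
        self.dynamic = {}  # mac -> (port, last_seen)
        self.static = {}   # mac -> port; never ages, never overwritten

    def add_static(self, mac, port):
        self.static[mac] = port

    def _expire(self, now):
        self.dynamic = {m: (p, t) for m, (p, t) in self.dynamic.items()
                        if now - t < self.aging_time}

    def receive(self, frame, now):
        """Return (action, egress_ports) for a frame arriving at time `now`."""
        self._expire(now)
        if frame.src not in self.static:
            self.dynamic[frame.src] = (frame.in_port, now)  # learn or refresh
        port = self.static.get(frame.dst)
        if port is None and frame.dst in self.dynamic:
            port = self.dynamic[frame.dst][0]
        if port is None:
            # unknown unicast: behave like a hub
            return "flood", [p for p in self.ports if p != frame.in_port]
        if port == frame.in_port:
            # destination sits behind the ingress port: nothing leaves the switch
            return "filter", []
        return "forward", [port]


# Constructed addresses and ports for the scenario in the post.
HOST_MAC = "00:50:56:00:00:01"    # VMware host NIC
GUEST_MAC = "00:0c:29:00:00:02"   # bridged guest, shares the host's port
SERVER_MAC = "00:11:22:33:44:55"  # some other machine, e.g. an NTP server
HOST_PORT, SERVER_PORT = 1, 2


def simulate(patched_vmnet=False, static_entry=False, keepalive=None,
             duration=1800, host_interval=10):
    """Count host->guest frames the switch floods over `duration` seconds.

    patched_vmnet: guest->host replies also reach the wire (solution 1)
    static_entry:  guest MAC pinned to the host's port (solution 2)
    keepalive:     guest talks to SERVER_MAC every N seconds (solution 3)
    """
    sw = LearningSwitch(ports=[1, 2, 3, 4])
    if static_entry:
        sw.add_static(GUEST_MAC, HOST_PORT)

    def guest_talks_to_server(now):
        # request/response exchange, so both entries get refreshed
        sw.receive(Frame(GUEST_MAC, SERVER_MAC, HOST_PORT), now)
        sw.receive(Frame(SERVER_MAC, GUEST_MAC, SERVER_PORT), now)

    guest_talks_to_server(0)  # e.g. DHCP at boot: the switch learns the guest once
    flooded = 0
    for t in range(host_interval, duration, host_interval):
        if keepalive and t % keepalive == 0:
            guest_talks_to_server(t)
        action, _ = sw.receive(Frame(HOST_MAC, GUEST_MAC, HOST_PORT), t)
        if action == "flood":
            flooded += 1
        if patched_vmnet:
            # with the vmnet patch the guest's reply hits the wire too
            sw.receive(Frame(GUEST_MAC, HOST_MAC, HOST_PORT), t)
    return flooded


if __name__ == "__main__":
    print("unpatched, no fix     :", simulate())
    print("vmnet patch           :", simulate(patched_vmnet=True))
    print("static MAC entry      :", simulate(static_entry=True))
    print("keepalive every 240 s :", simulate(keepalive=240))
    print("keepalive every 600 s :", simulate(keepalive=600))
```

In the unpatched run the guest's entry, learned once at boot, ages out after 300 seconds and every later host -> guest frame is flooded out the three other ports; the patch, the static entry and a 240-second keepalive each bring that to zero, while a keepalive slower than the aging time (600 seconds here, as ntpd's default 1024-second maximum poll would be) only shortens the flooding windows instead of removing them.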
Posted: September 19th, 2007.
Tags: Linux/BSD, Work