Designlet: VMware HCX Mobility Optimized Networking for VMWare Cloud on Dell

Introduction

Mobility Optimized Networking (MON) is an Enterprise-tier capability of the HCX Network Extension feature. MON enabled network extensions improve traffic flows for migrated virtual machines by enabling selective cloud routing (within the destination environment), avoiding a long round trip network path via the source gateway.

The behavior of extended networks is such that all routed traffic for migrated workloads is directed back to the source-site gateway. MON allows you to configure the optimal path for migrated workload traffic to other extended network segments, cloud-native network segments, and Internet egress.

Scope of the Document

VMware HCX’s Mobility Optimized Networking (MON) is used to provide optimized traffic patterns when workloads are spread across on-premises and VMware Cloud SDDC on a L2 extended segment.  This document will cover use cases, consideration, and limitations of the feature. 

Summary and Considerations

Use Case
  • Optimizing routed traffic for multi-segment application that have inter-VLAN dependencies.
  • Direct access to cloud services through cloud gateway
  • Direct internet egress for VMs in the Cloud SDDC
Pre-requisites
  • Working HCX deployment, Service mesh and L2 extended segment
  • VMware Tools must be installed on MON-Enabled VMs
General Considerations/Recommendations
  • Intended for networks extended between two sites in a site-to-site service mesh.  (Does not provide routing optimization for multi-site extension)
  • Routing advertisements are limited to NSX-T Compute Gateway. All the extended segments are connected to this Gateway. No additional configuration is required
  • When MON is disabled, the network extended segments will show a type “Disconnected” and when MON is enabled, this will change to “Routed”
Performance Considerations Enabling MON will provide lower latency and higher bandwidth between VMs on extended networks in the same SDDC, and lower latency to the internet due to local egress. There is no other performance impact from using MON beyond the considerations when using Network Extension.
Document Reference

HCX User Guide

VMware Cloud on Dell HCX Configuration Maximums

Last Updated October 2022

 

Use Cases

Uses Cases for Mobility Optimized Networking

This section provides an overview of workload traffic flows using HCX Network Extension with and without Mobility Optimized Networking. This section covers supported use cases.  Other use cases may be possible but are not specifically supported.

MON improves network performance and reduces latency, in certain traffic patterns, for VMs migrated to the cloud on an extended L2 segment.  These traffic patterns are outlined below. 

image 15

Without MON, HCX Network Extension expands the on-premises layer-2 network to the cloud SDDC while the default gateway remains at the source. The network tromboning effect is observed when virtual machines at the destination, on different extended segments communicate.

image 16

MON enables migrated virtual machines reach segments within the SDDC without sending packets back to the source environment router.

image 17

MON enables migrated virtual machines to use the SDDC Internet interface to access corporate network or public internet

image 18

Planning and Implementation

Planning

VMware HCX MON gives a user the ability to optimize traffic flows and reduce latency on extended L2 segments.  When planning for your HCX Network extension design, you should consider the impacts of enabling this feature.  Changing a traffic pattern can have serious and sometime unintended consequences on applications in your environment.

Before discussing the MON planning questions, let’s review the HCX network extension and the default behavior.  When a network segment has been extended with the HCX (NE) service, you are expanding the boundary of an L2 domain, while keeping the default gateway for that L2 network at your on prem datacenter.  The default behavior has all traffic leaving that L2 segment returning on prem.  This is where enabling the MON features on the extended network could improve your overall design.  Once enabled, the user has the choice to continue egressing on-premises or changing this behavior to egress from the Cloud site.

  • HCX MON is controlled through the HCX Connector UI (On-premises site)

Usage Guidance

Now that we have reviewed the MON feature, let's look at optimizing your deployment.  We find many customers take a “MON-enabled by default” approach and begin pushing the limits.  In our experience, taking a closer look at your VM and traffic patterns will allow you to enable MON where necessary and stay well below the supported maximums. 

Considerations to optimize MON usage

  • MON optimizes traffic flows and lowers latency but typically isn’t required for communication.  In other words, you may have test/dev applications that require network communication but can withstand additional latency.  In this case, you can consider turning MON off and allowing traffic to trombone.
  • Examine traffic flows – We see many customers that make assumptions on VM to VM communication and therefore enable MON.  Upon closer inspection, these VMs either don’t talk or communicate so infrequently, that MON is not justified.
  • Cutover networks – as your migration progress, ensure you are cutting over extended segments as soon as possible.  Once a network is cutover, MON is no longer enabled for the VMs in that segment.  Cutting over a single segment can drop your MON consumption significantly.    

In addition to these considerations, we want to re-enforce the true purpose of MON and clarify misconception.

  1. MON is a mechanism to provide temporary relief for applications during a migration.  These applications are sensitive to latency or have exceptionally large east/west throughput.  These applications require the traffic to stay local and not trombone back on-premises.
  2. MON is not a permanent routing solution.  It is intended to be used during a migration exercise.
  3. MON should not be the central focus of your migration design.  It should be used to augment your broader migration strategy for select applications.
  4. The focus of your migration should always be to cutover the network as soon as possible, thus staying well within the MON scale limits.

Implementation

HCX MON is enabled per VM, or for an entire extended network. Optimized routing will apply to migrated VMs after following the steps below to enable MON. VMs that have not been migrated will continue to communicate with their local gateway.

Enable MON

  • In the HCX Manager UI, navigate to Services > Network Extension.
  • In the Network Extension screen, expand a site pair to see the extended networks. Network Extensions enabled for MON are highlighted with an icon.
  • Expand each extension to display network details.
  • Select a Network Extension and enable the slider for Mobility Optimized Networking. Enabling MON applies to all subsequent events, such as VM migrations and new VMs connected to the network. VMs in the source environment and VMs not having VM Tools are ineligible for MON.
  • For any existing migrated VMs requiring MON, follow the steps below:
  • Select a VM and expand the row. You can select multiple VMs using the check box next to each workload.
  • Select Target Router Location and choose the cloud option from the drop-down menu.
  • Select Proximity Conversion Type: “Immediate Switchover” or “Switchover on VM Event”. “Immediate Switchover” transfers the router location immediately. If a workload VM has ongoing flows to the source router, they will be impacted.  These impacts can include a few second traffic outage. “Switchover on VM Event” transfers the router location upon VM events like NIC disconnect and connect operations, and VM power cycle operations.
  • Click Submit. All selected VM workloads are configured for MON, which is indicated by a MON icon being displayed.
  • You can verify MON is enabled by measuring the latency to the gateway from a VM with a ping before and after MON is enabled. Viewing the NSX-T routing table in HCX will also show that host routes have been installed in the routing table for MON-enabled VMs.

Note: If you want to scale your HCX Environment, please work with your VMware account representative to do a feasibility study.

Filter Tags

Cloud Migration HCX VMware Cloud on Dell Designlet Networking Intermediate