HyperFlex and the Network Control Policy

Available Languages

Download Options

  • PDF     (673.1 KB)
    View with Adobe Reader on a variety of devices
  • ePub     (803.2 KB)
    View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
  • Mobi (Kindle)     (808.4 KB)
    View on Kindle device or Kindle app on multiple devices
Updated:October 31, 2019
Document ID:215030

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Introduction

This article will explain what the Network Control Policy is within UCS and how it relates to the operation of your HyperFlex cluster under various scenarios.

HyperFlex and the Network Control Policy

What is the Network Control Policy? The Network Control Policy (NCP) defines the following features and actions:

Cisco Discovery Protocol (CDP): Enabled or Disabled

MAC Register Mode: Only Native VLAN or All Host VLANs

Action on Uplink Fail: Link Down or Warning

MAC Security - Forge: Allow or Deny

LLDP - Transmit/Receive: Disabled or Enabled

The HX Installer will create the following two NCPs under LAN / Policlies / root / Sub-Organization / <HX Cluster name> / Network Control Policies /

HyperFlex-infra

HyperFlex-vm

The Network Control Policy defined above are used by the vNIC templates created by the HyperFlex Installer. The vNIC Templates are located unser LAN / Policlies / root / Sub-Organization / <HX Cluster name> / vNIC Templates /

The following vNIC templates use the NCP HyperFlex-infra:

  • hv-mgmt-a
  • hv-mgmt-b
  • hv-vmotion-a
  • hv-vmotion-b
  • storage-data-a
  • storage-data- b

The following vNIC templates use the NCP HyperFlex-vm:

  • vm-network-a
  • vm-network-b

Let's drill down on NCP policy names HyperFlex-infra and the Action on Uplink Fail. By default, the Action on Uplink Fail is set to Link Down. This means that the vNIC will be instructed to go into a down state when its corresponding Uplink ( logical or physical) goes down. If we go to the VIF tab of a server under Equipment / Rack-Mounts / Servers / Server #, we can see what uplink our vNICs are utilizing:

The vNICs going to Fabric Interconnect A are pinned to Port-Channel 1. The vNICs going to Fabric Interconnect B are pinned to Port-Channel 2. If Port-Channel 1 does down, the vNICs that go to Fabric Interconnect A will be instructed to go down. If we log into vCenter, we will see the corresponding VMNICs as down.

Since we still have Port-Channel 2 on Fabric Interconnect B, the HyperFlex cluster will remain up and running. So what happens if we also lose Port-Channel 2 on Fabric Interconnect B. 

As you would expect, all vNICs are in a Down Link State and the corresponding VMNICS are also Down.

Since all VMNICS are down, connectivity to the ESXi management is lost and the HyperFlex cluster will go offline as the storage controller VMs can no longer communicate to each other.

The use of virtual port-channels, vPC, will provide the best redundancy for HyperFlex.  Currently, we do not support using warning instead of link down. There is a possibility that traffic could become blackholed and affect the network redundancy of HyperFlex.

TAC Authored

Contributed by Cisco Engineers

  • Ignacio Orozco
    Cisco CX Engineer

Was this Document Helpful?

FeedbackFeedback

Contact Cisco

This Document Applies to These Products