EMAIL SUPPORT

dclessons@dclessons.com

LOCATION

NZ

LAB NSX Logical Router Configuration

LAB NSX Logical Router Configuration

Posted on Jan 17, 2020 (0)

LAB NSX Logical Router Configuration

Task:

Configure Routing in NSX infrastructure so that Web VM talks to App VM and APP VM communicates to DB VM. Also all component as per below topology.

Topology:

In this section we have already configured Distributed Router and now we will start configure Distributed Routing by adding the App and DB VM interfaces to the Distributed Router (NSX Edge) so that they can communicates to each other.

  • Select the Distributed-Router-01 and Double-click on it.
  • Click on Manage and then on Settings.
  • To display all interface configured for this router Click on Interfaces

  • Select and Click the Green Plus icon to add a new interface, Name it as Dclessons_APP_Tier.
  • On the right of the Connected To Field Click the Select link and then Click the radio button to the left of App_Tier_Logical_Switch and select it. The interface will communicate on this network and provide IP 16.20.1/24 as interface IP.
  • Click OK.

Repeat the same step for DB interface.

Now as soon as these two interfaces are configured on Distributed-Router-01 (NSX DLR), these interface configurations are automatically pushed to every host in the NSX environment. To handle routing between VM on each host, there is a Routing (DR) Kernel loadable module present. And In our lab Distributed Routing (DR) Kernel loadable module will handle the routing between the App and DB interfaces instead of the Perimeter Gateway (NSX Edge). When communication occurs between VMs that are connected to different subnets but reside on the same host, traffic will be delivered without ever traversing the physical network.

CONFIGURE DYNAMIC ROUTING ON THE DISTRIBUTED ROUTER

Go to vSphere Web Client browser tab.

  • Click on Routing and then Global Configuration. Edit it to change Dynamic Routing Configuration.

To select the default Router ID Select the IP address of the Uplink interface. In this case, the Uplink interface is Transit_Network_01 and it has IP address is 192.168.5.2.

Click OK

Click Publish Changes to so that it can update the configuration on Distributed-Router-01

CONFIGURE OSPF SPECIFIC PARAMETERS

Here we will use OSPF routing protocol between Perimeter-Gateway-01 and Distributed-Router-01. Which will exchange information about their known routes among them.

  • Click to the OSPF and Edit to change OSPF Configuration.

  • Select Transit_Network_01 for Interface. This will auto-populate the Forwarding Address field below. Check Enable OSPF to enable the OSPF on this interface.
  • Enter 168.5.3 for Protocol Address and use 192.168.5.2 auto-populated for Forwarding Address.
  • Confirm that Enable Graceful Restart is selected and Click OK.

  • Select and Click the Green Plus icon below Area Definitions and provide 10 as Area ID. Leave the remaining settings at default and Click OK.

AREA TO INTERFACE MAPPING

  • Select and Click the Green Plus icon below Area to Interface Mapping and Select Transit_Network_01 for Interface and Select Area 10.
  • Click OK.

Click on Publish Changes so that configuration on Distributed-Router-01(NSX Edge) can be updated.

CONFIRM OSPF ROUTING IS ENABLED ON THE DISTRIBUTED ROUTER

Now once the above configuration is done Ensure the OSPF configuration on Distributed-Router-01 (NSX Edge) matches the picture below

To return to NSX Edge summery page Click Back repeatedly until you reach to NSX Edges summary page with the list of Edges.

Select Perimeter-Gateway-01 and Double-click on it

  • Click on Manage | Routing | OSPF.
  • Click Edit to change OSPF Configuration and provide the following information:

  • Check Enable OSPF | Enable Graceful Restart| Click OK.

CONFIGURE AREA DEFINITION

  • Click the Green Plus icon provide 10 for Area ID. Leave the other settings at default.
  • Click OK.

ADD TRANSIT INTERFACE TO AREA TO INTERFACE MAPPING

  • Click the Green Plus icon also Select Transit_Network_01 for vNIC and Select 10 for Area.
  • Click OK.

Click on Publish Changes so that configuration on Perimeter-Gateway-01 (NSX Edge) can be updated.

CONFIGURE ROUTE REDISTRIBUTION

  • Select and Click Route Redistribution | Edit to change Route Redistribution
  • Check on OSPF| Verify BGP is checked | Click OK.

BGP has been already configured on Perimeter-Gateway-01 (NSX Edge), which will distribute the routes to vPod Router on our LAB. BGP has been configured between Perimeter-Gateway-01 (NSX Edge) and the vPod Router.

Both BGP and OSPF processes are configured and running on the Perimeter-Gateway-01, due to route distribution between these two routing protocol, Routes of each of them will be redistributed between them.

EDIT BGP REDISTRIBUTION CRITERIA

  • Click BGP in the Route Redistribution table | Pencil icon to change the configuration for BGP.
  • Check OSPF routing protocol | OK.

CONFIGURE OSPF ROUTE REDISTRIBUTION CRITERIA

  • Click the Green Plus icon | select OSPF | Check BGP | Check Connected.

Click OK | and Publish the changes

Centralized Routing

In this section, We will verify and check how routes are exchanged between the NSX perimeter ESG and (vPod Router) that runs control routes for entire lab.

LOOK AT OSPF ROUTING IN PERIMETER GATEWAY

log into the NSX Perimeter Gateway to view OSPF neighbors and see existing route learned from VPod Router and Distributed Router.

Login to vSphere Web Client browser tab.

  • Click Home icon | Click on VMs and Templates.

  • Expand RegionA01| Select Perimeter-Gateway-01 | Click on the Black Screen.

After VM console is launched  in the browser tab, Click inside the black screen and press Enter a few times to wake the VM console from the screensaver. Login it to it with username admin and password XXXXXXX

Enter show ip bgp neighbors.

  • BGP neighbor is 192.168.100.1 - This is the router ID of the vPod Router inside the NSX environment.
  • Remote AS 65002 - This is the autonomous system number of the vPod Router's external network.
  • BGP state = Established, up - This means the BGP neighbor adjacency is complete and the BGP routers will send update packets to exchange routing information.

Enter show ip route.


Comment

    You are will be the first.

LEAVE A COMMENT

Please login here to comment.