LAB NSX Logical Switching Configuration
- Confirm that the hosts are configured and ready for logical switching, and confirm logical network preparation.
- Create a new logical switch and attach the logical switch to the NSX Edge Services Gateway.
- Add VMs to the logical switch and test connectivity between the VMs.
Confirm the configuration readiness of the hosts.
Log in to the vCenter Web Client and click Home | Networking & Security.
- Click the Installation and Upgrade tab, then click Host Preparation.
- To view the NSX state of the hosts in a cluster, select the cluster RegionA01-COMP01 from the list.
Here you can confirm that the hypervisor-level kernel modules for Port Security, VXLAN, Distributed Firewall and Distributed Routing are properly installed on the hosts in each cluster.
In the host list, scroll to the right and click VIEW DETAILS to view information about that host's VTEP kernel port and IP address.
The following steps are required for VXLAN configuration:
- Configure VXLAN Tunnel End Point (VTEP) on each host.
- Configure the Segment ID range to create a pool of logical networks, and choose the Replication mode (Unicast / Multicast / Hybrid).
- Configure the Transport Zone to define the span of the logical network.
The hosts have been configured with VXLAN Tunnel End Point (VTEP) interfaces, which use the 192.168.130.0/24 subnet for the VTEP pool.
VIEW SEGMENT ID CONFIGURATION
- Click on Logical Network Settings.
- Note the Segment ID Pool assigned to the environment, which we provided in LAB 1. As soon as a new logical switch is created in NSX, the next unused Segment ID is allocated and assigned to it.
Configure a new Logical Switch
- Click on the Green Plus icon to create a new Logical Switch and name it as Dclessons_Logical_Switch.
- For Transport Zone, select RegionA0_Global_TZ, and use Unicast as the Replication mode.
- Make sure that the Enable IP Discovery box is checked. Click OK.
"Enable IP Discovery" helps with ARP (Address Resolution Protocol) suppression. As soon as an ESXi host with an NSX Virtual Switch receives ARP traffic from a VM (Virtual Machine) or an Ethernet request, the host sends the ARP request to the NSX Controller, which holds an ARP table per VNI. If the NSX Controller has the information in its ARP table, it sends it to the host, which in turn passes it on to the VM.
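The lookup described above can be modelled in a few lines. This is an added example, not VMware code or part of the original lab: the class and method names are hypothetical, the VNIs and addresses are constructed, and a miss is modelled as falling back to replicating the request on the logical switch.

```python
# Added illustration: simplified model of NSX ARP suppression.
# Class/method names are hypothetical; addresses and VNIs are constructed.
from collections import defaultdict


class Controller:
    """Holds one ARP table (IP -> MAC) per VNI."""

    def __init__(self):
        self.arp_tables = defaultdict(dict)

    def report(self, vni, ip, mac):
        # IP Discovery: a host reports the binding it learned for a local VM.
        self.arp_tables[vni][ip] = mac

    def query(self, vni, ip):
        # Lookups never cross VNIs, so logical switches stay isolated.
        return self.arp_tables[vni].get(ip)


class Host:
    def __init__(self, controller):
        self.controller = controller
        self.flooded = []  # requests that had to be replicated

    def handle_arp_request(self, vni, target_ip):
        """Resolve an ARP request sent by a local VM on logical switch `vni`."""
        mac = self.controller.query(vni, target_ip)
        if mac is not None:
            return ("suppressed", mac)  # host answers the VM, no broadcast
        self.flooded.append((vni, target_ip))  # miss: replicate the request
        return ("flooded", None)


def demo():
    ctrl = Controller()
    esx1 = Host(ctrl)
    ctrl.report(5001, "10.0.0.11", "00:50:56:aa:aa:01")
    ctrl.report(5001, "10.0.0.12", "00:50:56:aa:aa:02")
    results = [
        esx1.handle_arp_request(5001, "10.0.0.12"),  # known: suppressed
        esx1.handle_arp_request(5001, "10.0.0.99"),  # unknown: flooded
        esx1.handle_arp_request(5002, "10.0.0.12"),  # other VNI: no leak
    ]
    return results, esx1.flooded


if __name__ == "__main__":
    print(demo())
```

The third request shows why the table is kept per VNI: a binding learned on one logical switch is never used to answer a request on another.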
ATTACH THE NEW LOGICAL SWITCH TO THE NSX EDGE SERVICES GATEWAY FOR EXTERNAL ACCESS
- Select the newly created Dclessons_Logical_Switch and then click the Actions menu.
- Click Connect Edge.
NSX Edge can be used for two purposes: as a Logical (Distributed) Router or as an Edge Services Gateway. Here we use both types of NSX Edge, as detailed below.
- The Edge Services Gateway, configured with host name "Perimeter-Gateway-01", provides network services such as DHCP, NAT, Load Balancing, Firewall and VPN, and includes dynamic routing capabilities.
- The NSX Edge configured as the Logical Distributed Router, with host name "Distributed-Router-01", supports distributed and dynamic routing.
Here we will connect our logical switch to the NSX Edge Services Gateway, Perimeter-Gateway-01, which provides the services mentioned above and also provides connectivity between the VMs connected to the logical switch and the rest of the environment.
- To select Perimeter-Gateway-01, click the radio button to its left and click Next.
- Click the radio button to the left of vnic7 to select it and click Next.
- Provide name of interface as DClessons_Prod_Interface and Select Connected.
- Click the Green Plus icon to configure IP address and subnet information for this interface.
- Enter 16.40.1 as the Primary IP Address (leave the Secondary IP Address blank), with 24 as the Subnet Prefix Length.
- Verify your settings are correct and click Next to move forward.
ATTACH WEB-03A AND WEB-04A TO THE NEWLY CREATED PROD_LOGICAL_SWITCH
- Select the newly created Dclessons_Logical_Switch, click the Actions menu, and then click Add VM.
- Select the web-03a.corp.local and web-04a.corp.local virtual machines and click the right arrow to add the selected VMs to this logical switch.
- Click Next.
- Select the vNICs of the two web VMs and Click Next and finish.
We have now configured a new logical switch, which is connected to the external network via the Perimeter-Gateway-01 Edge Gateway. You have also added two virtual machines to the new logical switch.
TEST CONNECTIVITY BETWEEN WEB-03A AND WEB-04A
Now we will test the connectivity between web-03a and web-04a.
- Click Home icon.
- Click Hosts and Clusters and expand the host to see your VMs.
- Click the Windows Start button.
- Click the PuTTY application icon from the Start Menu. You are connecting from the Main Console, which is in the 168.110.0/24 subnet. The traffic will pass through the Perimeter-Gateway-01 NSX Edge, and then to the web server.
- Scroll through the list of Saved Sessions until web-03a.corp.local is visible.
- Click web-03a.corp.local to select it.
- Click Load to retrieve the session information.
- Click Open to start a PuTTY session to the VM and test