Basic NSX Network virtualization setup

This post will go over the basic setup for network virtualization in NSX.  This is nothing new or exciting but I figured I would share as more users are deploying NSX in their home labs these days.   I will assume that you already have the environment prepared by deploying the manager and controllers and all your ESXi hosts are prepared.

We are going to set up the subnet of 10.0.0.0/17 to be virtually routed as shown below:

This requires the following:

  • Static route on Linksys EA6200 router to point 10.0.0.0/17 to 192.168.10.223 (because my Linksys does not support any dynamic routing protocols)
  •  A logical switch called Transport-10.0.0.0 between the border ESG and the Logical distributed router
  • OSPF configured between ESG-3 and LDR-3

 

Creation of the LDR-3 (pictures to follow steps)

  1. First we need to create a logical switch by choosing Logical Switches, select green + button, Input Name (Transport-10.0.0.0) and description and click ok
  2. Select NSX Edges in Navigator pane, select green + button
  3. In Name and description pane: Install Type: Logical (distributed) route, Name: LDR-3, Hostname ldr3, leave deploy NSX Edge selected, Next
  4. In settings, type your password, I like to enable ssh, click next
  5. In configure deployment: Press the green + to deploy a NSX Edge Appliance, Select correct resource pool, datastore, host, and folder, click ok
  6. Click Next
  7. In Configure interfaces
  8. Select connected to for HA interface: Port group DV-VM, press + below HA and add 192.168.10.224
  9. press the green + button under interfaces
  10. In Add NSX Edge Interface: Name Uplink, Connected to: Transport-10.0.0.0, Press green + to add IP: 10.0.0.2 subnet 24, Click ok
  11. Click Next
  12. In Default gateway settings:  Set the gateway IP as 10.0.0.1 and click next
  13. Ignore the Firewall and HA settings click next
  14. Click finish to deploy LDR

 

 

Creation of the ESG-3 (pictures to follow steps)

  1. Back at the NSX Edge section in Navigator
  2. Press the Green + sign
  3. In Name and description: Choose Edge Services gateway, Name: ESG-3, Hostname esg3 and select Next (in Production you might want high availability or ECMP)
  4. In Settings:  Type Admin password and enable ssh, Next
  5. In Configure deployment: Press Green + sign, Select resource pool, datastore and host then ok and Next
  6. In Configure Interfaces: press the green + sign
  7. Name: Uplink, Connected To: DV-VM, Press green + to add interface: 192.168.10.223 subnet 24, click ok
  8. Click Next
  9. In Default gateway settings insert default gateway of 192.168.10.1 then next
  10. Ignore firewall and HA settings and next
  11. Click Finish to deploy appliance

Configure Physical router

This is unique per router in mine I added a static route for the subnet:

 

Configure LDR

We need to add at least one inside network and configure OSPF.

  1. Logical Switch section we are going to add a switch for 10.0.1.0/24 called LS-10.0.1
  2. In Logical Switch Section: Green + button, Name LS-10.0.1 then OK
  3. Go to NSX Edges in Navigator
  4. Double click on LDR-3
  5. We need to add a interface for the new network Select Manage, Settings, Interfaces
  6. Select Green +
  7. Name: GW-10.0.1: Connected To LS-10.0.1, Green + button to add interface 10.0.1.1 subnet 24,
  8. Select Routing tab, global Configuration
  9. Go to Dynamic Routing configuration and click edit
  10. Make sure the uplink interface is chosen then click ok
  11. Press Publish Changes button
  12. Click on OSPF button
  13. Remove all current area definitions (51 ) with red X then publish changes
  14. Click green + on area definitions and add area 2 (just type 2 in area button leave rest default)
  15. Press green + in area to interface mapping button
  16. Make sure Uplink is selected and area 2 and press OK
  17. Press Edit button next to OSPF configuration and enable OSPF, For protocol address choose a free IP 10.0.0.3, forwarding is 10.0.0.2
  18. Publish Changes
  19. Go to firewall section
  20. Disable firewall
  21. Publish changes

 

Configure ESG-3

  1. Return to Networking & Security main section
  2. Select NSX Edges and double click on ESG-3
  3. Select Manage, Settings, Interfaces
  4. We need to add a interface for the transport between LDR and ESG
  5. Select vnic1 and press Edit button
  6. Connected to: Transport-10.0.0.0, IP: 10.0.0.1 subnet 24
  7. Select Routing
  8. In global configuration: Select edit next to dynamic routing configuration, ensure uplink is selected and press ok
  9. Publish changes
  10. Click on OSPF
  11. Remove current area definitions with red X and publish changes
  12. Add a new area for area 2 leaving everything else default
  13. In the area to interface mapping make sure you chose vnic1 (internal link) and area 2
  14. Select OSPF Configuration and Enable OSPF
  15. Publish Changes
  16. Select Firewall section and disable firewall and publish changes

 

Validate Configuration

Let’s validate configuration three ways: Confirming OSPF settings on ESG-3, Adding a new subnet, ping test

Confirming on ESG-3

  1. Login to ESG-3 via SSH (username admin password set during deployment)
  2. Type the following to see current routes (show ip route)  ensure that the E2 learned route is showing:

Adding a new subnet

  1. Stay logged into the ESG-3
  2. Switch to the Networking and security console, navigate to Logical switches
  3. Press green + to add a switch for LS-10.0.2
  4. select NSX Edges, Double click on LDR-3
  5. Go to Manage and settings
  6. Select Interfaces and press green +
  7. Name: GW-10.0.2, Internal, Connected to:  LS-10.0.2, IP 10.0.2.1 subnet 24
  8. Return to the ESG-3 ssh session and run the command show ip route to see 10.0.2.0/24

Test Via ping

  1. Attempt to ping either gateway on the LDR (10.0.1.1 or 10.0.2.1)

 

Additional commands on ESG-3

Here are some commands that will help you in troubleshooting OSPF

show ip ospf neightbors – show other members of the areas

show ip ospf database – understand current ospf database

 

2 Replies to “Basic NSX Network virtualization setup”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.