In my previous post Step-by-Step-NSX-T 3.1 design and Install-P4 we have have covered deployment Tier-0 Gateway and configuration of BGP for route re-distribution.
Now we have established north south connectivity. Its time we make provision for east west communication.
Based on design decisions and customer requirements you can connect overlay segments to Tier-0 Gateway or Tier-1 gateway. Both will work and machines connected to segments will be able to communicate.
But to keep up with the ever changing needs of technology and customers, its a good choice to go with Tier-1 gateway for your east-west communication. Not just that it has many other use cases.
Deploy Virtual router for East-West, NSX-T T1 router.
In order to deploy Tier-1 gateway, we need to navigate to Networking tab and choose Tier-1 Gateway on the left hand menu.
Click on ADD TIER-1 GATEWAY button, and populate the information. Provide name and choose which T0 it will be connecting for uplink connectivity. As I am not going to host any stateful service on this T1, I am not selecting and edge cluster. Hit save.
Once you save, it will ask if you want to further configure the router, hit yes for that.
Now expand route advertisement, and toggle all connected segments & service ports switch.
Now our Tier-1 Gateway is ready to host overlay segments. So lets create one and test.
Creating Overlay segment.
Navigate to Networking and choose Segments on the left hand menu. This is where we created VLAN backed segments for our edge nodes.
Now click on add segment, and fill in the information and save.
Now segment status should be success.
This segment is ready for hosting workloads.
Verifying route re-distribution.
Login to edge node with SSH using admin credentials.
Use command "get logical-router" for fetching logical routers information.
Now connect to Tier-0 SR instance by using its vrf.
Use command "get bgp neighbor summary" to view neighbors connection status. Here you can notice the number of InPfx and OutPfx
Now lets verify the routes in our routing table, type command "get route". Now t1c routes are the ones connected to our Tier-1 Gateway, t0c are directly connected to Tier-0 Gateway and finally routes showed with b flags are BGP routes received from uplink router.
Verifying connectivity from underlay vlan to Overlay segment.
Connect to a VM which is hosted on a vlan backed network and perform "tracert" and "ping" operation for overlay segment. As I do not have a test VM placed on a overlay segment, I am performing test till overlay segment gateway address.
With this we can conclude NSX-T design and install. This series was focused on a single site deployment, in my future posts I will cover multi site deployments, with and without federation.
I hope I was able to add value, if your answer is yes, then don't forget to share and follow. 😊
If you want me to write on specific content or you have any feedback on this post, kindly comment below.
If you want, you can connect with me on Linkedin, and please like and subscribe my YouTube channel VMwareNSXCloud for step by step technical videos.
No comments:
Post a Comment