VMware Networking Community
niceguy001
Enthusiast
Enthusiast

NSX-T mtu size for edge VM?

hi guys,

I'm deploying the NSX-T 2.2 in my lab,

An issue popped up after I enable all the N-S and E-W traffic which is:

The VMs that were connected to logical switches can ping to internet such as 8.8.8.8 or google.com and resolve hostname,

however, the browser just can't open any webpage, websites were hanging there or timed out no matter which DNS server i use.

So I guess the problem is due to the MTU size mismatch...

in the lab,

All the physical switch ports which connected to all the fabric and transport nodes are configured to MTU size 1600.

An edge VM which carried a single tier-0 router is deployed on ESXi host and is currently connecting to several vSwitches on this ESXi host.

the edge VM transport node is configured to use the default uplink profile (for all the n-vds transport zone, including one involved in the vlan uplink logical switch), which MTU is 1600.

I just set the MTU size to 1600 on all the vSwithes and hoped this will fix my issue, however the VM still can't browse the internet website.

does any know what is the proper MTU setting for edge VM?

Tags (3)
Reply
0 Kudos
4 Replies
nealpeters86
Contributor
Contributor

Hello,

Your physical switches should have an MTU larger then 1600 I believe. You can try 1650.

Please check out the documentation, it is stated there pretty clearly.

NSX-T Network Requirements and Sizing

Regards,

Neal

Sreec
VMware Employee
VMware Employee

Rule is simple- Wherever you have overlay Networks between Source-Destination- MTU should be changed . For Eg : Edge Transit is connected to SW1 and Tier0-Tier1 communication is happening via SW2 - MTU change is required only at SW2 .

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 6x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered
niceguy001
Enthusiast
Enthusiast

alright,

after some MTU checks on the infrastructure, the issue has been solved for 50% i guess.

however, a weird situation occurring in my lab is:

Most of the transport nodes' VTEP(Node A, B, C) which are under same subnet(vlan 172.16.1.0/24), including the edge VM, have no problems on dealing with N-S traffic. the VMs residing on this node which logical switch(LS-1) also covers, can browse the internet without any issues.

Only the transport node's VTEP(Node D) which is under different subnet(vlan 172.24.1.0/24) have problems on dealing with N-S traffic. the VMs residing on node D which logical switch(LS-1) also covers, cannot browse the internet, they could only ping and resolve hostname in the terminal, but these VMs don't have any problems on E-W traffic(such as web and smb).

P.S. 1. the nsx-t manager didn't show any abnormalities and all the status(such as tunnel or bond) are up.

2. the vlan which VTEP uses can route to each other because the gateway is configured.

3. the hierarchical mode is selected for the logical switch.

4. all the necessary MTUs were set to 1600 for all the possible datapath.

does anyone know why? i hope this is not MTU problem.

Reply
0 Kudos
akashanand
Contributor
Contributor

Physical Global MTU by default is 1600  ( Min 1280 Max:9000)
Logical Global MTU by default is 1600 (Min 64 Max: 9000)

Reply
0 Kudos