3 Replies Latest reply on Aug 20, 2019 6:21 AM by mauricioamorim

    NSX-T: 2 pnic Edge deployment. T0 only, no connectivity to outside.

    alsmk2 Enthusiast

      We've been struggling with an NSX-T deployment on hosts with only 2 pnics. So far we've managed to deploy the managers and migrate all vmkernels over to a single N-VDS, and we now have all VMs running on the platform too.

       

      We're currently trying to deploy an Edge node on top of it to take over all the routing for the VMs using a single Tier0 router. Tier 1 isn't required as it is not multi-tenanted. We then create a LS linked to the edge node and have moved a test VM onto it. It can ping the interface on the T0 router on the same subnet, but is not able to ping the interface IP assigned to the uplink, and therefore can't get out to the internet.

       

      In terms of the setup of the Edge TN, we have the following:

       

      N-VDS - nic1 assigned to existing management segment

       

      From the Edge node NSX config screen:

       

      N-VDS1 - nic2/fp-eth0 - linked to tz-overlay with transport vlan 20 for Edge TEP IP (different from the esxi host transport node TEP VLAN).

      N-VDS2 - nic3/fp-eth1 - Segment on VLAN 10 - uplink to physical network / router / additional transport zone (tz-edge-vlan)

      nic4/fp-eth2 - Disabled (disconnected from the Edge VM in vSphere)

       

      One thing that bugs me is that if I look at the transport zone page, the tz-edge-vlan has a status of unknown.

       

      In terms of the model, we're aiming for the last model mentioned in this blog: https://blogs.vmware.com/networkvirtualization/2018/10/flexible-deployment-options-for-nsx-t-edge-vm.html/

       

      Any help or ideas greatly appreciated, and apologies for the confusing overview, but NSX-T is new to me.

        • 1. Re: NSX-T: 2 pnic Edge deployment. T0 only, no connectivity to outside.
          mauricioamorim Hot Shot
          VMware Employees

          Send us some screenshots to help out. I have deployed the 2 pNIC model without any problems. One thing to note that is not shown on that blog post is that the T0's uplink has to be connected to a VLAN backed LS on the N-VDS of the Edge VM and have a tag of 0. Did you do this?

          • 2. Re: NSX-T: 2 pnic Edge deployment. T0 only, no connectivity to outside.
            alsmk2 Enthusiast

            Thanks for the quick response - I don't have access at the moment, but will grab some screenshots to post asap.

             

            In terms of the T0 uplink connected to a vlan backed LS on the edge N-VDS with vlan 0, in terms of the config highlighted above, would that LS be on N-VDS1 or 2? I'm assuming 2, but the vmnic on the edge VM for N-VDS2 only has a segment on it with VL10 already tagged. Would we be better changing the vlan on that to 0-4094, or literally creating another segment on N-VDS2 with a tag of 0 on it?

             

            Apologies for the daft question, but I've struggled to get my head around the edge part.

            • 3. Re: NSX-T: 2 pnic Edge deployment. T0 only, no connectivity to outside.
              mauricioamorim Hot Shot
              VMware Employees

              For T0 uplink you need this:

               

              1) ESXi host's N-VDS (let's call it NVDS1) in a VLAN TZ

              2) LS on NVDS1 with VLAN tag that is needed for connectivity to physical switch

              3) Edge VM's N-VDS (let's call it NVDS2) in a VLAN TZ (this is a different NVDS and different TZ than the one of the ESXi host)

              4) Edge VM's vnic connected to LS created on step 2) (today this cannot be done directly through NSX Manager and has to be done directly on vCenter, as NSX Manager does not show the LS for connecting the Edge VM's vnics, it only shows PortGroups on vDS/vSS)

              5) LS on NVDS2 with VLAN0

              6) Uplink of T0 connected to LS created on step 5)

               

              Hope this helps

              2 people found this helpful
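
The tagging chain behind the six steps above, as a simplified model added here (not code from the thread or from VMware). It assumes a segment with a single VLAN ID acts as an access port that tags untagged frames and does not accept frames the VM has already tagged, and that a segment with a VLAN range acts as a trunk. VLAN 10 is the uplink VLAN from the original question; all function names are made up for this example.

```python
# Simplified VLAN model for the T0 uplink path (illustration only, not NSX-T code or API).
UNTAGGED = 0  # tag value used here for "no 802.1Q tag"

def edge_segment_out(edge_ls_vlan):
    """Tag on a T0 uplink frame as it leaves the Edge VM's vnic.
    The T0 uplink sends untagged; the LS on the Edge N-VDS (step 5)
    adds edge_ls_vlan, where 0 means no tag is added."""
    return edge_ls_vlan

def host_segment_out(frame_tag, host_ls_vlan):
    """Tag the frame carries onto the pnic after the host LS (step 2),
    or None if the frame is dropped.
    host_ls_vlan: int = access segment, (low, high) tuple = trunk segment."""
    if isinstance(host_ls_vlan, tuple):
        low, high = host_ls_vlan
        return frame_tag if low <= frame_tag <= high else None
    if frame_tag != UNTAGGED:
        return None  # assumed: access segment rejects frames tagged by the VM
    return host_ls_vlan

def check(edge_ls_vlan, host_ls_vlan, physical_vlan):
    """Describe what happens to a T0 uplink frame for one design."""
    tag = host_segment_out(edge_segment_out(edge_ls_vlan), host_ls_vlan)
    if tag is None:
        return "dropped at host LS (frame already tagged by Edge LS)"
    if tag != physical_vlan:
        return f"reaches pnic with tag {tag}, physical switch expects {physical_vlan}"
    return "ok"

if __name__ == "__main__":
    # Constructed designs: (VLAN on Edge N-VDS LS, VLAN on host N-VDS LS)
    designs = {
        "steps 1-6: Edge LS VLAN 0, host LS VLAN 10": (0, 10),
        "both LS tagged VLAN 10": (10, 10),
        "Edge LS VLAN 10, host LS trunk 0-4094": (10, (0, 4094)),
        "Edge LS VLAN 0, host LS trunk 0-4094": (0, (0, 4094)),
    }
    for name, (edge_vlan, host_vlan) in designs.items():
        print(f"{name}: {check(edge_vlan, host_vlan, physical_vlan=10)}")
```

In this model the tag has to be applied exactly once along the path: either on the host LS (Edge LS on VLAN 0, as in the steps above) or on the Edge LS with the host LS configured as a trunk.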