4 Replies Latest reply on Aug 2, 2020 8:00 AM by s57

    Routing challenges with NSX

    s57 Lurker

      Hi all,

       

      I'm a newbie to NSX and, well, not that much of an expert on routing for that matter.  I've been trying to setup a simple NSX 6.4.6 test environment and go from there -- but I cannot seem to get routing working.  Here's the configuration:

       

      Physical gateway:   172.18.1.1/16

       

      ESG uplink:   172.18.125.1/16

      ESG internal:  10.100.100.1/24

       

      DLR uplink:   10.100.100.2/24

      DLR internal:  192.168.120.1/24

       

      test VM:  192.168.120.10

       

      I've disabled the firewalls on both the ESG and the DLR.  I've enabled OSPF on both using area ID 10.  I've gotten to the point where the DLR seems to be routing and I can get to the ESG.  But I can't get beyond that.  From the VM:

       

      ping 192.168.100.1     success

      ping 10.100.100.2     success

      ping 10.100.100.1     success

      ping 172.18.125.1     success

      ping 172.18.1.1 (or anything above that)     fails

       

      On both the ESG and DLR, show ip ospf neighbors lists neighbor entries.

       

      Any insights are appreciated.

        • 1. Re: Routing challenges with NSX
          AlessandroRomeo68 Master

          Hi.

          I am attaching the "NSX Troubleshooting Guide" manual. It will certainly be useful to you.

           

          ARomeo

          • 2. Re: Routing challenges with NSX
            s57 Lurker

            Thanks for your response.  I have been and continue to go through troubleshooting guides, etc, but am not having much luck -- hence my posting here.

             

            I should also add -- from the esg, I can ping the default gateway.  But from the dlr, I cannot.  So the esg does not seem to be routing, I just can't see why.  The config appears correct although I clearly have missed something.

             

             

            • 3. Re: Routing challenges with NSX
              Bayu Wibowo Master
              Community WarriorsUser Moderators

              Hi,

               

              Does your ESG connected to OSPF area 0?

              Could you share the show ip route from both of your ESG and DLR?

              Could you also check if your physical router has received the routes of networks behind DLR?

              From your explanation, you may be missing default route on DLR/ESG and probably the return routes on the physical network.

               

              Here's the OSPF design recommendation based on the official NSX design guide: VMware® NSX for vSphere Network Virtualization Design Guide ver 3.0

              ospf-connectivity.PNG

              Bayu Wibowo | vExpert NSX, VCIX6-DCV/NV, Cisco Champion, AWS-SAA
              Author of VMware NSX Cookbook http://bit.ly/NSXCookbook
              https://nz.linkedin.com/in/bayupw | twitter @bayupw
              • 4. Re: Routing challenges with NSX
                s57 Lurker

                Thank you!  I had pretty much so convinced myself that I'd configured something incorrectly in NSX that I wasn't even looking at the physical router -- where there were OSPF issues.  I set a couple of static routes on the physical router and it all started working.  Now I just need to get my physical router OSPF working and I should be in business.

                 

                Thanks for the insights.