VMware Networking Community
JorgeDaCosta
Contributor
Contributor

Assymetrical routing

This is my first post so I hope its in the correct section.

Please have a look at a very poor design below .

 

test.jpg

When host 1 sits in Data centre 1 it exits via the 2 top DC edges to CR1 and CR2 at the top and the return traffic comes back in that way.

It works and everyone is happy.

If host 2 migrates , for whatever reason to Data centre 2 , it exists via the bottom 2 edges BUT the return traffic them comes back up the top 2 edges in DC1 ! I would prefer the return traffic to come in DC2 ... its currently assymetrical ... goes out one way and comes in another...

 

How do I fix this ?

 

Tagging the ip of the host with a tag or community and giving a higher preference on the CRs on the right would work if I could find where to tag ... What I have found is the host route/ip is active in Data Centre 1 and 2 at the same time and i cant distinguish where it is actually active on....

Anyone even get down to this level of detail before ?

Thanks

Reply
0 Kudos
7 Replies
Sreec
VMware Employee
VMware Employee

It is unclear what kind of NSX design you are using ( Multisite or Federation). That being said, you can certainly manipulate the routes in NSX

https://docs.vmware.com/en/VMware-Validated-Design/6.2/sddc-architecture-and-design-for-the-manageme...  (SDDC-MGMT-VI-SDN-072) 

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 6x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered
Reply
0 Kudos
JorgeDaCosta
Contributor
Contributor

Thanks for the reply . Let me try to explain in a slightly simpler way.

Host (position A) ----- DC 1 Edge ---------- Internet/MPLS/Core Router 1                                         

                                        |

                                        |                                         

Host (position B) -----DC 2 Edge ----------- Internet/MPLS/Core Router 2

If the Host is in Position A I want the traffic to go to DC1 and out of Core router 1 and the return traffic to come back in Core Router 1

If the Host is in Position B I want the traffic to go to DC2 and out of Core router 2 and the return traffic to come back in Core Router 2

Thats it . Host can migrate between both positions and the routing will send it out the nearest edge to the nearest Core Router.

I would need some conditional routing "if host is in position A send it here and the return here" and the same for position B.

Another option would be to tag or set a community on the host ip address when it is active in position A or B but the problem is that the host is always in both places at any given time. I checked and the ip address and mac are always present in DC Edge 1 and DC edge 2 so i can never tell where the host actually is !

 

Reply
0 Kudos
Lalegre
Virtuoso
Virtuoso

@JorgeDaCosta,

Some questions:

  • Is the Segment stretched between sites?
  • Are you using T1? If so, is stretched?
  • The T0 is stretched?
Reply
0 Kudos
JorgeDaCosta
Contributor
Contributor

Is the Segment stretched between sites?

 

yes , all the esxi hosts within the cluster are participating in the same NSX transport zone so the vm's can freely move between the two data centres and still be connected to the same network. 

 

  • Are you using T1? If so, is stretched?

in this scenario we are not using a T1 , just a T0

 

The T0 is stretched?

 

the T0 is active active and has interfaces on each of the edge nodes showing the diagram, so 2 within each data center that has BGP neighborships into our core network , 

 

the T0 being its own AS number and the core being its own AS number 

Reply
0 Kudos
ShahabKhan
VMware Employee
VMware Employee

Hi,

If my understanding is correct, you are looking for local ingress & egress. In this design, since you are using active/active, there is no way to achieve that. 

Reply
0 Kudos
dragance
VMware Employee
VMware Employee

If I'm understanding correctly - you're satisfied with design (T0 A/A on both DC1 and DC2 sites), your outgoing traffic is working as expected in both scenarios when workload is on site DC1 or DC2 - only thing is returning traffic which is not working as expected.

If I'm correct with previous understanding then - return traffic is controlled on CR routers where you're using AS2222 and it's not related to NSX setup at all. You should check that setup and how outside clients are reaching AS2222 when coming in DC1 or DC2.

Your asymmetry is explained in NSX multisite reference design guide, with accent on firewall issues which can be present in these situations https://communities.vmware.com/t5/VMware-NSX-Documents/NSX-T-Multi-Location-Design-Guide-Federation-...

HTH,

Dragan

Reply
0 Kudos
LuisDaniel26
Contributor
Contributor

Thanks for the link, I found my answer over there.

Thanks for the link, I found my answer over there. If you're a college or high school student looking for free essay samples online, you might want to check out the website https://writinguniverse.com/free-essay-examples/stereotypes/ Here you may access a vast library of unpaid sample essays on a variety of subjects, including soccer. These essay illustrations might be very helpful tools for you while you finish your essay tasks.
Reply
0 Kudos