eccl1213
Enthusiast
Enthusiast

DLR when transport zone spans multiple DVS

I'm getting the following error when I try and create a DLR "transport zone of vxlan interfaces of distributed router must consist of same DV switch as that of vlan interfaces"


Here is back ground on our setup.  We have two clusters that are in two different datacenters but the same vCenter.   So each cluster has its own DVS.  Each DVS is configured with the same VLAN ID for the VTEP/VXLANS but the VTEP's are on a different subnet.


The VXLAN spans both clusters and each cluster is a member of the same transport zone.  Inter VM traffic over the VXLAN works perfectly well.


Now, if I try to create a DLR with the uplink on a DVS port group and the down link on the VXLAN it errors out with the message above.  As a test, I removed the second cluster from the transport zone and then it will work.


How does one use DLR when the transport zone spans multiple DVS?


If I deploy the Edge router, it works fine too.  Just can't get the DLR to deploy.


Any ideas?

0 Kudos
2 Replies
Richard__R
Enthusiast
Enthusiast

It sounds like an issue with the uplink being on a single VLAN-backed dvPortgroup on one VDS but then the DLR spanning two VDSs. The latter part should be fine normally but it sounds like the VLAN interface is throwing it off as that won't exist on both VDSs. The design recommendation is not to use VLAN LIFs on a DLR but rather peer with an Edge gateway over a logical switch and use that as the gateway to upstream VLANs.

you'd still have to run your ESG on one cluster or the other though as the dvPortgroup you'd be uplinking to that corresponds to your VLAN would only exist on one VDS.

Hoping I understood the scenario properly...

0 Kudos
bayupw
Leadership
Leadership

DLR supports connecting to VLAN backed portgroups / VLAN LIFs

However, VLAN LIFs can only span one VDS

See below doc:

Add a Distributed Logical Router

http://pubs.vmware.com/NSX-62/index.jsp#com.vmware.nsx.install.doc/GUID-E825C0C7-F4CC-4B26-90AF-A216...

A logical router cannot be connected to VLAN-backed portgroups if that logical router is connected to logical switches spanning more than one vSphere distributed switch (VDS).

This is to ensure correct alignment of logical router instances with logical switch dvPortgroups across hosts.

Bayu Wibowo | VCIX6-DCV/NV
Author of VMware NSX Cookbook http://bit.ly/NSXCookbook
https://github.com/bayupw/PowerNSX-Scripts
https://nz.linkedin.com/in/bayupw | twitter @bayupw
0 Kudos