VMware Networking Community
LeoKurz2
Enthusiast
Enthusiast

Difference between a Internal and Uplink port on a DLR

Hello,

does anyone know what's technically the difference between an interneal and an uplink port (LIF) on a DLR?

__Leo

Reply
0 Kudos
6 Replies
Sreejesh_D
Virtuoso
Virtuoso

hi,

Please find the details on interfaces in this article.

NSX – Distributed Logical Router Deep Dive – VMware Professional Services

Uplink: This is used by the DLR Control VM to connect the upstream router. In most of the documentation you will see, it is also referred to as “transit”, and this interface is the transit interface between the logical space to the physical space. The DLR supports both OSPF and BGP on its Uplink Interface, but cannot run both at the same time. OSPF can be enabled only on single Uplink Interface.

LIFs: LIFs exist on the ESXi host at the kernel level; LIFs are the Layer 3 interface that act as the default gateway for all VM’s connected to logical switches.

Management: DLR management interface can be used for different purposes. The first one is to manage the DLR control VM remote access like SSH. Another use case is for High Availability. The last one is to send out syslog information to a syslog server. The management interface is part of the routing table of the control VM; there is no separate routing table. When we configure an IP address for the management interface only devices on the same subnet as the Management subnet will be able to reach the DLR Control VM management IP, and the remote device will not be able to contact this IP.

DLR Interface Type

Reply
0 Kudos
LeoKurz2
Enthusiast
Enthusiast

Thanx for your answer. I have read that already. But that doesn't explain what's the difference technically. If I don't uses OSPF or BGP, I see no difference in the behaviour on both Interfaces. Same for edge Gateway. I'd like to know what's Happening under the hood on both Interfaces.

__Leo

Reply
0 Kudos
Sreec
VMware Employee
VMware Employee

Starting from deployment all the wayhw we consume the features in DLR there are lot of difference and routing scenario is just one example which is already posted in this thread. From an interface perspective while LIF acts as a GW for VM . If you need a outbound connectivity to another VM(different subnet) on same host  after the Route check packet will be locally routed. However if source and destination is on different servers or if it is P-V connectivity requirement ,we need a Uplink for DLR . Behind the scene route check will always happen on Source Hypervisor however destination being on different server packet should go all the way via physical layer - How you send that l3 packet is a design choice - Static/Dynamic etc etc..  That doesn't mean you can connect DLR-DLR and establish a routing - ideally Edge would be the next hop device - Uplink concept is same for DLR&Edge .

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 6x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered
Reply
0 Kudos
LeoKurz2
Enthusiast
Enthusiast

Hmm, still doesn't quite answer my question. I've been playing around a litte. I deployed a DLR w/o Edge-Appliance, assigned two lif's.to two vds's The router could be used by virtual and physical hosts, no matter if the Interfaces were internal or uplinks. My impression was, that in this scenario, there is no difference between the two. Different story if you add the Edge-Appliance. Every uplink Interface gets a vNIC on the appliance, internal Interface doesn't. This makes senese as only uplinks carry dynamic routing traffic and firewall rules for managemet traffic can by applied to uplinks. I think, only the OSPF/BGP traffic is carried over the vNIC of the appliance, the worklod traffic still uses the kernel but again, for the kernel forwarding, there seems to be no difference between internal and uplink..

For the ESG it's obvious. It's a vm with up to 10 vNICs w/o any kernel Routing involved.

Anyone can confirm this?

__Leo

Reply
0 Kudos
furryhamster
Enthusiast
Enthusiast

Internal interface is assigned a virtual

mac address, which is the same for all internal interfaces. Uplinks are assigned a physical MAC address.

6. NSX Distributed Logical Router | Chan's Blog

Reply
0 Kudos
Vikramaditya_J
Enthusiast
Enthusiast

Hi Guys, I know it's a very late response to this old post, however, I also came through the same question and found an answer, so thought to post it here and try to help out the community:

Internal interfaces are generally for East-West traffic i.e. traffic flow from server to server or simply the traffic flowing between the Virtual machines, while the Uplink interfaces are for North-South traffic i.e. Client to Server traffic or simply the traffic from a virtual space to the physical world or between the Datacenter and the rest of the network (i.e., anything outside the data center).

You can refer: https://docs.vmware.com/en/VMware-NSX-Data-Center-for-vSphere/6.4/com.vmware.nsx.admin.doc/GUID-2B79...

Thank you!
Vikramaditya J
Reply
0 Kudos