zeebahi
Enthusiast
Enthusiast

Host route and NSX-T

Jump to solution

Hi everybody,

I am new to NSX-T, but have experience with VXLAN-BGPEVPN.

In VXLAN BGPEVPN,  VTEP can learn host routes ( /32) by snopping on ARP, DHCP messages from attached hosts.

Now my question, I will illustrate as below:

Case:T0 Only

We have two ESXi : ESXA and ESXB, both these ESXI are at two different data centers DC1 and DC2  joined by layer 3 WAN CKT:

DC1---1.1.1.1--WAN----2.2.2.2-DC2

ESXIA                                     ESXB

 

1) Over lay segment SEG-APP :(10.10.10.0/24) has been created and attached to Over lay transport TZ1 which is then attached to both ESXI hosts.

2) VMSERVER 10.10.10.10 is on ESXIA.

2) Edge node VM1 is on ESXI1 A and Edge node VM2 is on ESXB.  Only TO routers have been created, no T1 router is configured.

3) T0 routers are attached to TZ1 and also conncted to VLAN backed transport zone for external communication with non  NSX network.

Considerig the above, can T0 rouer  on Edge1VM( Which is on ESXIA)  learn 10.10.10.10/32 host route for attached VMSERVER1 by snooping on ARP, DHCP etc?

CASE: T1 and T0

Just like case1 but we are using T1 routers in addition to T0.

We have two ESXi : ESXA and ESXB, both these ESXI are at two different data centers DC1 and DC2  joined by layer 3 WAN CKT:

DC1---1.1.1.1--WAN----2.2.2.2-DC2

ESXIA                                     ESXB

1) Over lay segment SEG-APP :(10.10.10.0/24) has been created and attached to Over lay transport TZ1 which is then attached to both ESXI hosts.

2) VMSERVER 10.10.10.10 is on ESXIA.

2) Edge node VM1 is on ESXI1 A and Edge node VM2 is on ESXB.  T1/T0 routers have been created.

3) T1 routers are attached to TZ1 , T1 routers are also connected to T0, T0 routers are connected to non NSX's network using VLAN-back segment.

Considerig the above, can T1 rouer  on Edge1VM( Which is on ESXIA)  learn 10.10.10.10/32 host route for attached VMSERVER1 by snooping on ARP, DHCP etc?

Thanks and have a good weekend!!

 

 

 

 

 

 

 

 

 

 

 

0 Kudos
1 Solution

Accepted Solutions
Sreec
VMware Employee
VMware Employee

I'm unsure if we are planning for a Multi-site or NSX-T Federation site approach. You should certainly refer https://communities.vmware.com/t5/VMware-NSX-Documents/NSX-T-3-1-Multi-Location-Design-Guide-Federat... to know more about this. Keeping that aside, in NSX-T we do have EVPN, but the use case is for MP-BGP ( control plane use MP-BGP) and data plan use VXLAN. However, if we are not using that approach, all workloads will be leveraging the Geneve overlay network and T1&T0 will advertise the routes to upstream routers but they don't advertise /32 unless we are doing NAT.  If you are looking for Site-specific Egress for your workload, watch out for NSX-T Federation. For influencing the ingress routes, you will have to some route manipulation. 

Cheers,
Sree | CKA|CKAD|VCIX-3X| VCAP-4X| VExpert 5x
Please KUDO helpful posts and mark the thread as solved if answered

View solution in original post

4 Replies
Sreec
VMware Employee
VMware Employee

I'm unsure if we are planning for a Multi-site or NSX-T Federation site approach. You should certainly refer https://communities.vmware.com/t5/VMware-NSX-Documents/NSX-T-3-1-Multi-Location-Design-Guide-Federat... to know more about this. Keeping that aside, in NSX-T we do have EVPN, but the use case is for MP-BGP ( control plane use MP-BGP) and data plan use VXLAN. However, if we are not using that approach, all workloads will be leveraging the Geneve overlay network and T1&T0 will advertise the routes to upstream routers but they don't advertise /32 unless we are doing NAT.  If you are looking for Site-specific Egress for your workload, watch out for NSX-T Federation. For influencing the ingress routes, you will have to some route manipulation. 

Cheers,
Sree | CKA|CKAD|VCIX-3X| VCAP-4X| VExpert 5x
Please KUDO helpful posts and mark the thread as solved if answered

View solution in original post

zeebahi
Enthusiast
Enthusiast

Thanks Sreec!!

As you mentioned in both Multisite and Federation solutions , T0/T1 routers do not learn host route

Does VXLAN solution from VMWare can do headend ingress replication for bum traffic without requiring multicast functionality in underlay?

Because this video from Vmware at 0:56 mentions Multicast underlay being the requirement:

https://www.youtube.com/watch?v=MUFheGbIIws

 

Screenshot of the video:

Capture123.PNG

 

 

 

 

 

0 Kudos
Sreec
VMware Employee
VMware Employee

My bad I missed your reply.  Multicast is required when we use NSX-V ( Hybrid/Multicast), we don't have a multicast mode for BUM traffic ( Geneve) in NSX-T 

Cheers,
Sree | CKA|CKAD|VCIX-3X| VCAP-4X| VExpert 5x
Please KUDO helpful posts and mark the thread as solved if answered
0 Kudos
zeebahi
Enthusiast
Enthusiast

No problem!!

Appreciated!!

0 Kudos