VMware Networking Community
rajala
Contributor
Contributor
‎10-04-2020 06:28 PM
Jump to solution

NSX-T 3.0: Adding interfaces to VRF gateway failing

Adding interfaces to an VRF gateway is failing with the following error.

pastedImage_0.png

From developer tools I collected the following API request and response NSX-T manager UI is sent and received.

API Request for add interface request

{"subnets":[{"ip_addresses":["10.10.151.2"],"prefix_len":"24"}],"type":"EXTERNAL","segment_path":"/infra/segments/EDGE-NVDS-VRF-RED-TOR-L","display_name":"test","urpf_mode":"STRICT","access_vlan_id":"151","edge_path":"/infra/sites/default/enforcement-points/default/edge-clusters/a3f99a45-0a19-4cf1-a0a6-a89a68e4b8d4/edge-nodes/55875f6f-1b36-4476-818a-7535406ce005","id":"test"}

Response

{

  "httpStatus" : "BAD_REQUEST",

  "error_code" : 528009,

  "module_name" : "Policy",

  "error_message" : "Provider interface in default tier0 /infra/tier-0s/mahi-vrf-tier-0 should cover edge paths in VRF interfaces."

}

Reply
1 Solution

Accepted Solutions
Lalegre
Virtuoso
Virtuoso
‎10-05-2020 04:46 AM
Jump to solution

Have you configured the Parent T0 and its external interface before configuring the VRF?

View solution in original post

Reply
0 Kudos
8 Replies
Lalegre
Virtuoso
Virtuoso
‎10-05-2020 04:46 AM
Jump to solution

Have you configured the Parent T0 and its external interface before configuring the VRF?

Reply
0 Kudos
rajala
Contributor
Contributor
‎10-05-2020 04:10 PM
Jump to solution

Thanks for the response.

I do created Parent T0 but not the external interface. Now after creating the external interface on Parent T0 the VRF gateway interface configuration went through. I followed the configuration in the blog http://www.vstellar.com/2020/09/16/configuring-vrf-lite-in-nsx-t-3-0/

and it didn't talked about the configuration external interfaces on Parent T0. Could you point me to a doc that has  proper steps to configure the VRF gateway?

What is the role of the Paren T0 external interface configuration here? I see the parent external interface should be connected to a non-trunk vlan segment, whereas the VRF external interface should be connected to trunk vlan segment.

pastedImage_0.png

Reply
0 Kudos
Lalegre
Virtuoso
Virtuoso
‎10-05-2020 11:01 PM
Jump to solution

Hey rajala

Actually that blog post start with an architecture where it has an external interface configured in the T0. I could not find a document, even the official, where it states that you need that as I learned that from a Design session. However in this blog post you can see that he configures a T0 External interface: https://vdcnetworker.blog/vrf-lite-on-nsx-t-3-0/

To be honest with you I am not 100% sure of why this is needed and if this is used during the exchange of the routes but I think it is used for Inter-VRF connectivity. However I am not 100% sure.

Reply
0 Kudos
Sreec
VMware Employee
VMware Employee
‎10-06-2020 05:36 AM
Jump to solution

This is because vrf uplinks need a connection to Tier-0 gateway interface which should be in Trunk mode to peer with upstream routers.

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 7x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered
Reply
Lalegre
Virtuoso
Virtuoso
‎10-06-2020 05:43 AM
Jump to solution

Sreec​,

Quick question, this external interface also needs a BGP peering to be configured with the next hop router?

Reply
0 Kudos
Sreec
VMware Employee
VMware Employee
‎10-06-2020 05:50 AM
Jump to solution

Not required . However you can use it for routing other workload subnets which are not in VRF routing table.

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 7x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered
Reply
0 Kudos
Lalegre
Virtuoso
Virtuoso
‎10-06-2020 05:56 AM
Jump to solution

Good to know that, thanks for the clarification, it was also my doubt :smileygrin:

Reply
0 Kudos
rajala
Contributor
Contributor
‎10-06-2020 12:19 PM
Jump to solution

Thank you very much Lalegre and Sree. Appreciate your help.

Have a great day!!!

Reply
0 Kudos