Lalegre
Commander
Commander

NSX-T 3.0 - Tunnels up but not connectivity - Nested

Jump to solution

Hello folks,

I have deployed a simple NSX-T 3.0 installation with 4 ESXi Hosts with one VDS for the TEPs and all the services VMKernels and another VDS for the Edge VM Nodes.

In both VDSs i have a portgroup with the same VLAN Tagged and same subnet which is used for TEP communication.

Anyways all my E-W connectivity is working properly and i can also connect from the VMs that i have under my T1 to the uplink in the T0. But when i try to connect to VMs that are placed in the same VLAN as my T0 Uplinks the connectivity never works. However if i try to do a connectivity from the VMs in the VLAN backed portgroup to the VMs that are connected behind the T1 it works.

I was looking at the configuration and i found the next:

As i described i am in compliance with scenario 1 but still is not working i do not know why. Any ideas?

Regards!

1 Solution

Accepted Solutions
Lalegre
Commander
Commander

The issue was related to Asymmetric traffic being generated between the VMs as i was using also the same VLAN to connect my NSX-T nested lab with another NSX-V Nested.

I just configured a new transport VLAN to connect both platforms and now i am learning the VM segment using BGP.

View solution in original post

0 Kudos
3 Replies
mauricioamorim
VMware Employee
VMware Employee

Do you have a diagram of what you configured? Is the VM on a VLAN in a DvPG or an NSX segment?

If I understood correctly, from a VM on an overlay segment to a VM on a VLAN Segment there is no connectivity. From the VM on a VLAN Segment to a VM on an overlay segment it works. Is this it?

One important note that is always recommended to do is to not share the VLAN transport zone between hosts and Edges. Put your edges in a separate VLAN TZ so your T0 uplinks are on a dedicated segment that is only used by the Edges. This won't even show in vCenter for your hosts and is best practice. Depending on how you configured your edges (single or multiple N-VDS), the Edge VM may or may not tag packets to the uplink and this impacts on how you configure the VLAN segment for this to work.

Lalegre
Commander
Commander

Hello mauricio,

Yes exactly that is the issue i am facing.

I am using the same VLAN for Overlay TEPs on ESXi and Edges. I can put both nodes on different subnets but i was looking at the documentations and it says the next:

"NSX Edge VM can be deployed using VSS/VDS port groups where VSS/VDS consume separate pNIC(s) on the host. Host transport node consumes separate pNIC(s) for N-VDS installed on the host. N-VDS of the host transport node co-exists with a VSS or VDS, both consuming separate pNICs. Host TEP (Tunnel End Point) and NSX Edge TEP can be in the same or different subnets"

I was trying to replicate that but now i just realized that it is taking about deploying the Edge VM on a VDS already having the ESXi Transport Node in an N-VDS.

Is it possible to have the ESXi Transport Node and the Edge VM Transport Node in different VDS using the same VLAN for Overlay?

Regards!

0 Kudos
Lalegre
Commander
Commander

The issue was related to Asymmetric traffic being generated between the VMs as i was using also the same VLAN to connect my NSX-T nested lab with another NSX-V Nested.

I just configured a new transport VLAN to connect both platforms and now i am learning the VM segment using BGP.

View solution in original post

0 Kudos