Marcin4
Enthusiast
Enthusiast

NSX Topology

Jump to solution

Hello,

Is it possible to deploy NSX-T on single Cluster that have 6 ESXi hosts, without havining seperate hosts or NICs for NSX EDGE?

The Host's has: 2 pNIC 10GbE

Best Regards
Marcin Gwóźdź
VCP-NV 6, VCAP-DCV 7, VCAP-DTM 7.
linkedin.com/in/marcin-gwóźdź-80b84b122
1 Solution

Accepted Solutions
shank89
Expert
Expert

When deploying NSX-T, select VDS instead of NVDS, so you will only have one VDS to deal with on each host.

You no longer require a separate N-VDS, so all your VMKernels and VM's will sit in this one VDS with all your workload as well.

Create your uplink portgroups, vlan backed segments and overlay networks all here.  The VDS can interoperate with both NSX-T created portgroups (vlan backed segments) and stock standard VDS port groups.  When you create NSX-T vlan backed segments they appear as being attached to the VDS now as well.

Hopefully this clears it up for you.

Shashank Mohan

VCAP-NV 2020 | VCP-DCV2019 | CCNP Specialist

https://lab2prod.com.au

View solution in original post

33 Replies
shank89
Expert
Expert

Yes, what you are describing in a way is called a fully collapsed cluster.  This means management, compute and edges will sit in the same cluster.

2Pnics is fine, you would  utilize VLAN backed segments both for the vmnics and the t0 router interfaces.

Please see some deployment options for your edges here; NSX-T Edge: Flexible deployment options for NSX-T Data Center Edge VM.

Keep in mind that the TEP requirement has changed with NSX-T 3.1 which was released yesterday, where you do not need a separate routable network for the edges and the hosts, depending on which version you plan on deploying.

Shashank Mohan

VCAP-NV 2020 | VCP-DCV2019 | CCNP Specialist

https://lab2prod.com.au
0 Kudos
Marcin4
Enthusiast
Enthusiast

Hello,

Does it mean that it will be something like ESG in NSX-V ?

Best Regards

Marcin.

Best Regards
Marcin Gwóźdź
VCP-NV 6, VCAP-DCV 7, VCAP-DTM 7.
linkedin.com/in/marcin-gwóźdź-80b84b122
0 Kudos
shank89
Expert
Expert

In what way?  I generally do not compare V to T as trying to compare concepts and components doesn't generally work. 

Shashank Mohan

VCAP-NV 2020 | VCP-DCV2019 | CCNP Specialist

https://lab2prod.com.au
0 Kudos
Marcin4
Enthusiast
Enthusiast

Hmm, going back to deployment.

Can I use both nics to guarantee redundancy or i need to use one NIC for mgmt components and the other one for NSX ?

Best Regards
Marcin Gwóźdź
VCP-NV 6, VCAP-DCV 7, VCAP-DTM 7.
linkedin.com/in/marcin-gwóźdź-80b84b122
0 Kudos
shank89
Expert
Expert

What version are you running?

In short yes you can utilize both NICs have a look at the link I sent in the previous post it shows you how you can achieve this.  Granted it is for an older version but the premise is the same.

This link will also help you, Fully Collapsed vSphere Cluster NSX-T Deployment .

Bit of reading across the both but it has all the answers you are after.

Shashank Mohan

VCAP-NV 2020 | VCP-DCV2019 | CCNP Specialist

https://lab2prod.com.au
0 Kudos
Marcin4
Enthusiast
Enthusiast

vSphere 7.0 U1

NSX-T 3.1

Best Regards
Marcin Gwóźdź
VCP-NV 6, VCAP-DCV 7, VCAP-DTM 7.
linkedin.com/in/marcin-gwóźdź-80b84b122
0 Kudos
shank89
Expert
Expert

Just use a vDS instead of an N-VDS, and you don't need a separate subnet / VLAN for TEP's anymore if you are doing edges on the compute nodes.

Shashank Mohan

VCAP-NV 2020 | VCP-DCV2019 | CCNP Specialist

https://lab2prod.com.au
0 Kudos
Marcin4
Enthusiast
Enthusiast

Thats what i want to do, to deploy NSX Edges on compute nodes.

So some VMS on compute nodes can use VDS nad that two links and also anohter VMS will be connected to NSX that will be using that two links which are connected to vDS

Am I understanding that corectly ?

Im puting a screen shot to show you my lab vDS config.

12.jpg

Best Regards
Marcin Gwóźdź
VCP-NV 6, VCAP-DCV 7, VCAP-DTM 7.
linkedin.com/in/marcin-gwóźdź-80b84b122
0 Kudos
shank89
Expert
Expert

When deploying NSX-T, select VDS instead of NVDS, so you will only have one VDS to deal with on each host.

You no longer require a separate N-VDS, so all your VMKernels and VM's will sit in this one VDS with all your workload as well.

Create your uplink portgroups, vlan backed segments and overlay networks all here.  The VDS can interoperate with both NSX-T created portgroups (vlan backed segments) and stock standard VDS port groups.  When you create NSX-T vlan backed segments they appear as being attached to the VDS now as well.

Hopefully this clears it up for you.

Shashank Mohan

VCAP-NV 2020 | VCP-DCV2019 | CCNP Specialist

https://lab2prod.com.au

View solution in original post

Marcin4
Enthusiast
Enthusiast

That's what I wanted to hear.

Thank you for your help.

Best Regards
Marcin Gwóźdź
VCP-NV 6, VCAP-DCV 7, VCAP-DTM 7.
linkedin.com/in/marcin-gwóźdź-80b84b122
0 Kudos
Marcin4
Enthusiast
Enthusiast

Just to be clear about TEPS

Wtih such configuration I do not need to put Host TEPS and Edge TEPS to differenet subnets ?

Best Regards
Marcin Gwóźdź
VCP-NV 6, VCAP-DCV 7, VCAP-DTM 7.
linkedin.com/in/marcin-gwóźdź-80b84b122
0 Kudos
shank89
Expert
Expert

As of 3.1 correct.

Shashank Mohan

VCAP-NV 2020 | VCP-DCV2019 | CCNP Specialist

https://lab2prod.com.au
Marcin4
Enthusiast
Enthusiast

So I have connected NSX-EDGE to the same network as HOST TEP overlay which is on my VDS named LAB-Overlay.

13.png

and the NSX EDGE status tunnel is down, why is that?

2020-11-01 17_03_48-DT.png

reading that: NSX Edge Networking Setup

It says that:

" NSX Edge VM can be deployed using VLAN-backed logical switches on the N-VDS of the host transport node. Host TEP and NSX Edge TEP must be in different subnets."

Does it mean i need to put them to different subnets anyway?

Best Regards
Marcin Gwóźdź
VCP-NV 6, VCAP-DCV 7, VCAP-DTM 7.
linkedin.com/in/marcin-gwóźdź-80b84b122
0 Kudos
shank89
Expert
Expert

So if you pay close attention to that document, whilst it says it is for 3.1 the last time it was updated was last year. 

I am just testing this out for you, give me a bit to get back to you.  In 3.0.1 same subnet for the TEPs is definitely no good.

Shashank Mohan

VCAP-NV 2020 | VCP-DCV2019 | CCNP Specialist

https://lab2prod.com.au
0 Kudos
Marcin4
Enthusiast
Enthusiast

That's true.

Thank you for your help, and please let me know if u will be able to resolve the case.

I'm also trying to make it with different approach.

Best Regards
Marcin Gwóźdź
VCP-NV 6, VCAP-DCV 7, VCAP-DTM 7.
linkedin.com/in/marcin-gwóźdź-80b84b122
0 Kudos
Marcin4
Enthusiast
Enthusiast

If its in the same network then im getting this:

2020-11-02 10_09_23-Window.png

Nonetheless when i ssh to my host i can ping that EDGE TEPS

2020-11-02 10_12_19-Window.png

Best Regards
Marcin Gwóźdź
VCP-NV 6, VCAP-DCV 7, VCAP-DTM 7.
linkedin.com/in/marcin-gwóźdź-80b84b122
0 Kudos
shank89
Expert
Expert

Just looking at it now, will get back to you as soon as I can.

Out of curiosity, have you tested e/w traffic even with the tunnels showing as down?

Shashank Mohan

VCAP-NV 2020 | VCP-DCV2019 | CCNP Specialist

https://lab2prod.com.au
0 Kudos
Marcin4
Enthusiast
Enthusiast

So i've created 4 linux vms and one segment

And inside that sgement traffic works correctly.

Best Regards
Marcin Gwóźdź
VCP-NV 6, VCAP-DCV 7, VCAP-DTM 7.
linkedin.com/in/marcin-gwóźdź-80b84b122
0 Kudos
shank89
Expert
Expert

What about east - west host to host ?

Shashank Mohan

VCAP-NV 2020 | VCP-DCV2019 | CCNP Specialist

https://lab2prod.com.au
0 Kudos