Solved: Nested ESX(i) Geneve Overlay Tunnel Status is down

ZozoPaliashvili · ‎02-27-2020

Hello Everyone!

I've faced with issue that Overlay tunnel is down in Nested ESXi lab.

My infrastructure:

NSX Manager 2.5.1

2 Nested ESXi hosts. Each hosts have 2 Network adapter: management and overlay.

ESXi hosts hardware:

Management network has internet access and connects with NSX Manager and hosts. Overlay network is isolated and has connection only with hosts.

N-VDS assigned to overlay network.

(vm hardware and physical adapters look the same for both hosts)

I set IP pool for overlay network

So while I connect VM (that resides on Nested ESXi) to Logical Switch I got

and obviously traffic doesn't go.

Any idea what the problem is?

Thanks in advance!

mauricioamorim · ‎02-27-2020

For nested environments you need two things:

1) Increase the parent host's VDS MTU;

2) Enable Promiscuous/Mac Address Changes/Forged Transmits on the DvPortGroup of the parent host used for TEP (nsx-overlay in your case)

Have you done this already?

View solution in original post

mauricioamorim · ‎02-27-2020

For nested environments you need two things:

1) Increase the parent host's VDS MTU;

2) Enable Promiscuous/Mac Address Changes/Forged Transmits on the DvPortGroup of the parent host used for TEP (nsx-overlay in your case)

Have you done this already?

ZozoPaliashvili · ‎02-28-2020

Thanks a lot, you saved my time!!!

For additional, all this change are performing in parent host's configuration tab (if you use vCenter):

wenlaoshi · ‎03-08-2020

Promiscous mode is not really required and a bad thing from the performance point of view.

William Lam wrote a great post about enabling MAC learning on a VDS (vSphere 6.7), including two powercli functions to query and set the configuration:

https://www.virtuallyghetto.com/2018/04/native-mac-learning-in-vsphere-6-7-removes-the-need-for-prom...

All

Nested ESX(i) Geneve Overlay Tunnel Status is down