VMware Networking Community
sixdonuts
Contributor
Contributor

Question on NSX Edge Node placement in small spine leaf architecture

We have a small datacenter spine leaf network with three leaf pairs - workload, storage (NAS) and access/edge. Our access/edge leaf pair has an L3 static uplink to present networks native to our spine and leaf fabric to our external network and we have an L2 bridge to temporarily extend our legacy networks into our fabric (until all of our legacy networks and workloads are migrated into the fabric). We would like to deploy NSX in a collapsed architecture and utilize NSX Edge Nodes to connect to our external network leading to my following question: Is it possible to initially deploy our NSX edge nodes on our ESXi hosts that are physically connected to our workload leaf pair but access our external network through our physical uplinks on our access/edge leaf pair? At a later time, we would deploy a dedicated ESXi/Tanzu cluster physically attached to our edge/access leaf pair to host our NSX Edge Node cluster.

Labels (3)
Reply
0 Kudos
5 Replies
dragance
VMware Employee
VMware Employee

I'm not sure if I can follow but you can make logical connection at L2/L3 level in most of the ways you want. Dedicated VLANs for north/south connectivity and TEPs will utilise that logical design that you make, and traffic will use uplinks in a way you configure them. Maybe best option is to draw logical design and decide how to propagate needed VLANs for everything, and after that L3 from edges to external world.

Reply
0 Kudos
sixdonuts
Contributor
Contributor

Appreciate the reply but if you could clarify further, is it a requirement to have the NSX Edge Gateways on hosts directly connected to the leaf pair which has your uplinks (border leaf pair)? All of the deployment designs I have seen are similar to the attached and state "keep NSX Edges on hosts connected to the border leaf pair". Is that just an ideal/best practice or a hard rule? 

Reply
0 Kudos
dragance
VMware Employee
VMware Employee

Hello @sixdonuts - sorry for late replay
I would consider this as ideal/best practice per your own words. After all, natural placement of edge systems is just at the border leafs, because of role they play etc. But if you take look on underlay architecture - having border leafs is also a pure best practice, and depending on many factors that underlay design sometimes get consolidated as well (in terms of using existing ToR leafs and giving them "border" role for N/S traffic on some DC).

Basically - there are so many options, and my general rule is to follow best practice if possible. If not - let's see what can be accomplished out of what you have, considering future scalability and expansion in direction of having ideally organised system.

Maybe you can additionally take a look on VMW validated designs section here https://docs.vmware.com/en/VMware-Validated-Design/index.html

You can find a lot of pre-approved and tested best practice scenarios, which could be useful for you.

HTH,

Dragan

sixdonuts
Contributor
Contributor

Got it to work! VM traffic in our NSX segments in our workload/edge node collapsed cluster in rack one is able to route to and from our core via uplinks on our border leaf switches in rack three. Thank you for your assistance in verifying this is a viable configuration!

Reply
0 Kudos
dragance
VMware Employee
VMware Employee

Great @sixdonuts ! Really nice work done 👌

Reply
0 Kudos