> why wouldn't I be able to use separate VLANs for VTEPs? VTEPs are in essence vmk interfaces that sit on a dvPg, which is a DVS-wide construct, and thus should have a single VLAN ID associate...
See more...
> why wouldn't I be able to use separate VLANs for VTEPs? VTEPs are in essence vmk interfaces that sit on a dvPg, which is a DVS-wide construct, and thus should have a single VLAN ID associated with it. The only within-VTEP-subnet BUM replication optimisation that exists is the Hybrid (or Multicast) control plane mode for Logical Switches.
Hi, trying to check NSX configured clusters, and here is the error: NSX Manager internal error. Review the NSX Manager log for details or contact your system administrator Unexpected status ...
See more...
Hi, trying to check NSX configured clusters, and here is the error: NSX Manager internal error. Review the NSX Manager log for details or contact your system administrator Unexpected status code: 503 restarted everything, no luck
Hi, probably i am doing something wrong, but i cannot not filter SSH from one VM to another VM in same VXLAN. Environment: 1 - two hosts in Cluster 2. - NSX configured 3. - 4 VXLANs avaial...
See more...
Hi, probably i am doing something wrong, but i cannot not filter SSH from one VM to another VM in same VXLAN. Environment: 1 - two hosts in Cluster 2. - NSX configured 3. - 4 VXLANs avaialable on both two hosts 4. - Two VMs in Same VXLAN each on diferent host Tring to filter SSH between them - just for testing - and Distributed firewall does not filter it. i have used next documentation - NSX 6 Documentation Center Thanks
> Is it because the port-group is shared across the DVS and really just a means to get to the logical switch that all of the clusters on the DVS can see the port-groups? Yes. Logical Switch ==...
See more...
> Is it because the port-group is shared across the DVS and really just a means to get to the logical switch that all of the clusters on the DVS can see the port-groups? Yes. Logical Switch == a "special" dvPortgroup, which can "extend" to more than one DVS, but can't really exist in some clusters members of a DVS and not others. I can see how the described behaviour is confusing, but VXLAN is closely tied to DVS (much more so than DLR), which doesn't have a concept of TZ. I'm guessing this is one of them "watch this space" things, where we can expect some improvements in future.
When configuring NSX the second time around, I decided that I wanted to try and use separate networks for each VTEP interface across 3 hosts. 2 of the hosts happened to be on DVS and the 3rd on ...
See more...
When configuring NSX the second time around, I decided that I wanted to try and use separate networks for each VTEP interface across 3 hosts. 2 of the hosts happened to be on DVS and the 3rd on a second DVS. It appears, that NSX won't let you use two separate VLANs on the same DVS for the VTEPs. I received an error message... VLAN <number> can not be used. Other VLAN IDs are in use on the specified DVS. Am I interpreting that limitation correctly? If so, is this restriction in place to facilitate local flooding of traffic between hosts for multicast and broadcast? I suppose if there were two different VLANs that would be a problem if flooding is occurring from one host in the VLAN to others.
Interesting. So let me get this straight... -Clusters are associated with transport zones -Transport zones contain logical switches -Local distributed routers are used to connect logical sw...
See more...
Interesting. So let me get this straight... -Clusters are associated with transport zones -Transport zones contain logical switches -Local distributed routers are used to connect logical switches So since a single DVS can be backing up all of the above, any cluster on the DVS can see port-groups for logical switches? Even if that cluster is not in the same transport zone? I thought I had this for a moment but now that doesnt make any sense at all. The distributed router restriction makes total sense and thats how I expected the port-groups to work as well. Is it because the port-group is shared across the DVS and really just a means to get to the logical switch that all of the clusters on the DVS can see the port-groups? That makes technical sense I suppose.....
You may find this also of interest: VMware Virtual SAN, NSX and OpenStack Interoperability :: https://www.youtube.com/watch?v=fh2-HTbGpyE&feature=youtu.be
If someone is looking for informations how to interface this two solutions There is a great blog about that Learning NVP/NSX - blog.scottlowe.org - The weblog of an IT pro specializing in vir...
See more...
If someone is looking for informations how to interface this two solutions There is a great blog about that Learning NVP/NSX - blog.scottlowe.org - The weblog of an IT pro specializing in virtualization, networking, cloud, serve….
