VMware Networking Community
LukaszDziwisz
Hot Shot
Hot Shot

NSX-T 3.0 ability to prefer route

    Hello Everyone,

I'm pretty new to NSX-T and wanted to ask a question about being able to controll Egress on NSX-T. We are in the middle of deploying NSX-T with a vendor and he thinks that something must have changed between 2.5 and 3.0 that is causing inability to control egress point with NSX-T route maps

Here is the scenario;

We have two sites Site A and Site B, one vCenter 7 and our clusters are stretched meaning they have stretched storage and contain hosts both from site A and Site B. We have deployed one Tier0 and one Tier1 with 4 Edge nodes two per site and used affinity rules to pin them to specific site. Everything is working great and we have successful networking between segments and other networks beyond NSX however the problem is that we would like to be able to control the egress point. Our vendor used route maps and we played with weights and prepending none of that seemed to have effect which way we are egressing. There are no services running on them besides routing.

For example, today we are egressing through site A, in order to egree through site B we need to power off or restart Edge nodes in Site A then the egress point changes to Site B and stays there even after Site A nodes come back up. Now to switch it back we need to do the same to edge nodes on Site B and then it switches back to Site A.

Not sure we we are just asking for too much but we would like to be able to control it. Is there any way to accomplish this?

We started to have internal conversations if we should actually even bother and maybe just simply let it go whichever way it wants but I've figured that I can ask here and see what everyone thinks. Please let me know if you have any additional questions or if any screenshot is needed. Thank you in advance

Tags (3)
Reply
0 Kudos
3 Replies
p0wertje
Hot Shot
Hot Shot

What does your routing table look like on the T0 ?

Is the T0 deployed in active-active ?

In our case we use ecmp. Which looks like this:

b  > * 0.0.0.0/0 [20/0] via x.x.x.1, uplink-328, 01w1d06h (.1 is router a)

b  > * 0.0.0.0/0 [20/0] via x.x.x.9, uplink-359, 01w1d06h (.9 is router b)

When i change this and add a route filter on i.e .1 which set aa local-pref of 200, it get preferred

BGP routing table entry for 0.0.0.0/0

Prefix advertised to:  None

2 Paths available:

  Origin IGP, Metric 0, LocalPref 100, Weight 0,  , valid

  Peer is x.x.x.9 with router id 10.101.2.21

  Last Updated: Mon Aug 10 13:01:49 2020

  Origin IGP, Metric 0, LocalPref 200, Weight 0, best, valid

  Peer is x.x.x.x.1 with router id 10.101.2.8

  Last Updated: Tue Aug 18 19:28:26 2020

Total number of routes: 1

b  > * 0.0.0.0/0 [20/0] via x.x.x.1, uplink-328, 00:01:35

Cheers,
p0wertje | VCIX6-NV | JNCIS-ENT | vExpert
Please kudo helpful posts and mark the thread as solved if solved
Reply
0 Kudos
LukaszDziwisz
Hot Shot
Hot Shot

Thank you Chris, let me check on this and get back with you with more info.

Reply
0 Kudos
mauricioamorim
VMware Employee
VMware Employee

There is no local-egress available for NSX-T Multisite. You would need federation for that.

Take a look at Dimitri's deck here: NSX-T Multisite

You are probably using Active-Active T0. In this case, it is logically a single router and thus, the T1 will send traffic to either edge node it is on and you do not have control over this. Traffic from physical to T0 can be influenced using BGP as each T0 uplink has a BGP neighbor where this can be accomplished.

Reply
0 Kudos