VMWare NSX-V 6.4.x Detailed Installation and Configuration Series
Managing and provisioning networks is one of the most time-consuming processes in a typical 3-tier environment. Network admins spend a lot of time configuring every single component on the network and making sure each one is working. We have all faced these challenges in numerous situations, spending days troubleshooting only to find that the cause was a small piece of missing routing information or a VLAN not allowed on a switch trunk.
Pre-provisioned physical networks allow for the rapid creation of virtual networks and faster attachment of workloads to the virtual network, as long as the virtual network you need is already available on the host where the workload is to be deployed.
Organizations made massive investments in virtualizing servers in the 1990's and storage in recent years, but the core networking and security components have still not been virtualized and are managed the same way they were 30 years back. A true software-defined data center (SDDC) decouples the networking and security overhead from the underlying physical workload.
This series aims to take a leap into the world of SDDC, with detailed installation and configuration steps for networking and security virtualization with VMware NSX.
To make it easy, this series is split into 5 parts.
Part 1: VMWare NSX Manager 6.4.x Installation and Initial Configuration
Part 2: VMWare NSX 6.4.x Micro-Segmentation Configuration steps
Part 3: VMWare NSX Cluster preparation and Controllers Installation
Part 4: VMWare NSX Logical Switching and DLR Configuration
Part 5: VMWare NSX EDGE and OSPF Routing Configuration
VMWare NSX Design for this series
The design in this series is very basic, as it is targeted at people who want to understand the installation and configuration. We have many other complex designs available, please check them out. The installation flow is mostly the same for any design, so we cover the basic concepts in this series.
There is no mandate that we have to follow the VMware VVD exactly; these are guidelines laid out for large infrastructures. A design should always be tailored to your requirements, like the one we are deploying in this series, which will fit most small and medium organizations. It is strongly recommended to review the design document below at least once before making any design decisions, as it discusses in detail some unsupported topologies for each component.
Detailed NSX VMware Validated Designs can be found here.
Logical Design
VMware NSX Manager™: NSX Manager is the centralized network management component of VMware NSX that is installed as a virtual appliance on any VMware ESXi™ host in your VMware vCenter Server® environment. It provides an aggregated system view, a single point of configuration, and REST API entry points.
VMware NSX Virtual Switch™: NSX Virtual Switch is the software that operates in server hypervisors to create a software abstraction layer between servers and the physical network.
VMware NSX Controller™: NSX Controller is an advanced distributed state management system that controls virtual networks and overlays transport tunnels.
VMware NSX Edge™: NSX Edge provides network edge security and gateway services to isolate a virtualized network. NSX Edge offers perimeter firewall, load-balancing, and other services, such as SSL VPN and DHCP Relay.
Distributed logical router: NSX for vSphere distributed logical router provides an optimal data path for routing traffic within the virtual infrastructure. It routes East-West traffic in a distributed fashion to provide better throughput and performance.
Distributed firewall: NSX for vSphere distributed firewall is a hypervisor kernel-embedded firewall at the virtual NIC level that provides visibility and control for virtualized workloads and networks.
VXLAN: Virtual eXtensible LAN uses a VLAN-like encapsulation technique to encapsulate MAC-based OSI Layer 2 Ethernet frames within Layer 4 UDP packets. It is used in virtual networking to increase the scalability of the platform.
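Added example (not from the original post or from VMware): the VXLAN encapsulation described above, written out in Python with the RFC 7348 header layout, together with the minimum IP MTU the VTEP VLAN has to carry. The VNI 5001 and the MAC addresses are constructed sample values.

```python
import struct

VNI_VALID = 0x08       # "I" flag: the VNI field is valid (RFC 7348)
VXLAN_HEADER_LEN = 8   # flags(1) reserved(3) VNI(3) reserved(1)

def build_vxlan(vni: int, inner_frame: bytes) -> bytes:
    """Prefix an inner Ethernet frame with a VXLAN header (the UDP payload)."""
    if not 0 <= vni < 1 << 24:
        raise ValueError("VNI must fit in 24 bits")
    return struct.pack("!II", VNI_VALID << 24, vni << 8) + inner_frame

def parse_vxlan(udp_payload: bytes) -> tuple:
    """Return (vni, inner_frame); reject truncated or invalid headers."""
    if len(udp_payload) < VXLAN_HEADER_LEN:
        raise ValueError("truncated VXLAN header")
    word1, word2 = struct.unpack("!II", udp_payload[:VXLAN_HEADER_LEN])
    if not (word1 >> 24) & VNI_VALID:
        raise ValueError("VNI-valid flag not set")
    return word2 >> 8, udp_payload[VXLAN_HEADER_LEN:]

def inner_macs(frame: bytes) -> tuple:
    """Destination and source MAC of the encapsulated Layer 2 frame."""
    if len(frame) < 14:
        raise ValueError("truncated inner Ethernet header")
    return frame[0:6].hex(":"), frame[6:12].hex(":")

def transport_mtu(inner_ip_mtu: int = 1500, inner_vlan_tag: bool = False) -> int:
    """Minimum IP MTU on the VTEP VLAN so a full-size inner packet still fits."""
    inner_eth = 14 + (4 if inner_vlan_tag else 0)   # inner Ethernet header
    # inner packet + inner Ethernet + VXLAN + UDP (8) + outer IPv4 (20)
    return inner_ip_mtu + inner_eth + VXLAN_HEADER_LEN + 8 + 20

# Constructed sample: VNI 5001 and both MAC addresses are made up.
SAMPLE_FRAME = (bytes.fromhex("005056aa0001") + bytes.fromhex("005056aa0002")
                + b"\x08\x00" + b"\x00" * 46)
SAMPLE_PAYLOAD = build_vxlan(5001, SAMPLE_FRAME)

if __name__ == "__main__":
    vni, frame = parse_vxlan(SAMPLE_PAYLOAD)
    print("VNI:", vni)
    print("inner dst/src MAC:", inner_macs(frame))
    print("minimum VTEP VLAN MTU:", transport_mtu())
```

The computed minimum exceeds the default 1500-byte MTU, which is why the VLAN carrying VTEP traffic needs a larger MTU on every physical hop; VMware's NSX guidance is 1600.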
We will use a couple of ESXi hosts for management, production, and placing the EDGE gateways.
Distributed Switch & Physical Design
As shown below, each ESXi host has two 1 GB and two 10 GB uplinks. We will use the 1 GB uplinks for management and vMotion, and the 10 GB uplinks will be prepared for VTEP (VXLAN) and for the EDGE gateway uplinks that connect to the physical world for North-South traffic.
EDGE uplink 1 will connect only to vNIC 2, while uplink 2 will connect only to vNIC 3. Please note that each EDGE gateway uplink port group will be connected to only one physical uplink, with no standby or failover.
The uplinks are configured as trunks, and a separate VLAN will be used for each purpose. VLAN requirements are detailed below.
Micro Segmentation Design
As shown below, micro-segmentation will be implemented with NSX without deploying Controllers or preparing the cluster. As you might already be aware, VXLAN and the routing and switching components are not required for micro-segmentation; it is possible with just NSX Manager and a distributed switch.
VTEP and VXLAN Design
As shown below, we are using a single VTEP in this design, with failover to the other NIC. This is configured automatically when VTEP or VXLAN is configured on the cluster from NSX Manager. We will use unicast as the broadcast method in this series; for small and medium deployments, unicast will suffice.
Logical Switch and Routing Design
As shown below, we will create 5 logical switches after preparing the clusters for NSX VXLAN.
- Web server logical switch (WEB-LS) – 172.16.10.x/24
- App server logical switch (APP-LS) – 172.16.20.x/24
- DB server logical switch (DB-LS) – 172.16.30.x/24
- Transit logical switch (Transit-LS) – 192.168.8.x/24
- DLR HA logical switch (HA-LS) – internal IP range will be used by NSX.
Each logical switch will have its gateway configured as .1 on the DLR, on a separate interface.
NSX EDGE will be connected to the physical router through a distributed port group on the VLAN configured for subnet 192.168.2.x/24. The EDGE internal link will be connected to the Transit logical switch, which in turn will be connected to the DLR uplink, as shown below.
OSPF area 0 is configured between the physical router and NSX EDGE, while NSSA area 10 will be configured between EDGE and DLR.
IP Subnet requirements
We will cover the minimum requirements for the IP subnets for deploying NSX routing and switching.
- Management VLAN: 192.168.1.x/24
- VLAN for routing configuration between EDGE and the physical router: 192.168.2.x/24 (as we have only one active physical router, we need one VLAN; if there are two active physical routers, we need 2 VLANs)
- VLAN for vMotion: 192.168.4.x/24
- VLAN for VTEP / VXLAN: 192.168.3.x/24
- VXLAN requirements: these VXLANs will be configured in NSX and don't require any configuration on physical networking components.
  - Web server logical switch (WEB-LS) – 172.16.10.x/24
  - App server logical switch (APP-LS) – 172.16.20.x/24
  - DB server logical switch (DB-LS) – 172.16.30.x/24
  - Transit logical switch (Transit-LS) – 192.168.8.x/24
  - DLR HA logical switch (HA-LS) – internal IP range will be used by NSX.
Note: vCenter, NSX Manager, and the Controllers reside in the management VLAN. You might want to configure more VXLANs as per your requirements, and it is very simple to do.
You can find the VMware installation guide for NSX here; it is very detailed and useful for clearing up doubts while installing and configuring NSX. You might wonder why we are writing this series at all: our aim is to fast-forward through things without going deep into minute details, to save time for folks who need a quick idea of something.
NSX Installation and Configuration Series
Part 1: VMWare NSX Manager 6.4.x Installation and Initial Configuration
This post will cover deploying NSX Manager and initial configuration of NSX Manager. Micro-Segmentation and other configurations for NSX can be found here.
Part 2: VMWare NSX 6.4.x Micro-Segmentation Configuration steps
This post will cover the micro-segmentation configuration for NSX. Please click here for the NSX Manager 6.7 Installation & Configuration post if you want to set up NSX Manager from scratch.
Part 3: VMWare NSX Cluster preparation and Controllers Installation
This post will cover Controller deployment, VTEP configuration for VXLAN, cluster preparation, and transport zone creation, which are the basics for VXLAN to work.
Part 4: VMWare NSX Logical Switching and DLR Configuration
This post will cover logical switch creation and deploying the DLR with a control VM, as we will use dynamic routing between the DLR and the EDGE appliance.
Part 5: VMWare NSX EDGE and OSPF Routing Configuration
This post will cover the installation and configuration of the NSX EDGE appliance, and then configure OSPF between DLR and EDGE to share dynamic routes between them.
Hope this series is useful. Leave your comments and feedback.
Excellent Post !
God bless. Great job. It helps many