Part 4: VMWare NSX-T Configuring Tier-1 and Tier-0 Gateways

 


 

 

Step 01 – Deploy Tier-1 Gateway

Click on Networking – Connectivity – Tier-1 gateway – Add Tier-1 .

Provide the name – if you are planning for any stateful services select edge cluster if not leave it – Save

Click Yes

 

Configure route redistribution on Tier-1

Expand Route redistribution – select as shown below and click save


Scroll down and click on close editing on right hand side.

 

Step 02 – Attach Segments to Tier-01 Gateway

Navigate to segments – networking – segments – click on both web , app and other segments – edit

select the gateway as Tier-1 and click save

 

Step 03- Create vLan Backed Segments for T0 Uplinks

Create 2 new segments for Tier-0 router uplinks.

  • Provide name : T0-uplink-01 and 02
  • Transport zone : vLan transport zone
  • vLan id : if specific vLan id is used, specify if not 0
  • Scroll down and click save.

Create 2nd uplink segment also in the same way.

 

Step 04 – Deploy Tier-0 Gateway

Click on Tier-0 and click add

  • Name : T0-Gateway-01
  • HA-Mode : Active-Active
  • Edge cluster : edge-cluster-01 (created in previous post)
  • click save.

Click Yes

 

Tier-0 Route redistribution Configuration

Click on set route re-distribution

  • Click on add route re-distribution
  • provide name
  • click on set

select the static routes and connected interfaces and segments as shown below and click apply

click on ADD

as its added – click apply

Click save under route re-distribution

 

Configure Tier-0 Gateway Uplink Interfaces

Scroll down to Interfaces – expand – click set

  • Select the Name : T0-GW-uplink-01
  • Type: external
  • IP: 192.168.3.2/24 ( this is my interface IP used for BGP)
  • connected segment : T0-uplink-01
  • edge node: select esg01
  • select save

Similarly create a second uplink interface as shown below. the IP is from diff vLan

click save

Configure BGP Routing on Tier-0

Configuring BGP is very straight forward in Tier-0

expand BGP section

  • Local AS : 65001 ( AS for Tier-0)
  • BGP – ON
  • Neighbors – Click set

Configure BGP Neighbors on Tier-0

Click on add bgp neighbor – provide neighbor ip and AS id of neighbor and source – save

create second neighbor for second interface also.

both neighbors are created- click close

click on save

Necessary BGP configuration on physical router needs to be configured for BGP to work.

Below is my router config which is in router on stick model.

router bgp 65000
router-id 192.168.3.1
neighbor 192.168.3.2 remote-as 65001
neighbor 192.168.4.2 remote-as 65001

interface GigabitEthernet1.3
description data vlan 3.1
encapsulation dot1Q 3
ip address 192.168.3.1 255.255.255.0

interface GigabitEthernet1.4
description data vlan 4.1
encapsulation dot1Q 4
ip address 192.168.4.1 255.255.255.0

Step 05 – Connect Tier-1 with Tier-0 Gateway

Now we will connect T1 with T0.

Select the TIer-01 – edit

 

Select T0-Gateway created earlier as TIer-0 section – select save

settings are saved. now routing between T1 and T0 is configured automatically. no config required like NSX-V

Assign the Segments to VM’s and test connecitivity

assign respective VM’s to web and app segments

 

Step 06 – Test Switching and Routing

This is web vm 172.16.10.20 and it can reach 10 and other VM’s in app segments also.

Next post will cover how to configure micro-segmentation using distributed firewall.

Siva Sankar

Siva Sankar works as Solution Architect in Abu Dhabi with primary focus on SDDC, Automation,Network Virtualization, Digital Workspace, VDI, HCI and Virtualization products from VMWare, Citrix and Microsoft.

Leave a Reply

Your email address will not be published.

Show Buttons
Hide Buttons