Table of Contents
Welcome to the fourth part of the NSX Federation series. In the last post, I talked about configuring local and global NSX-T managers to enable federation. In this post, I will show how we can leverage to configure stretched networking across sites.
If you have missed the earlier post of this series, you can read them using the below links:
1: NSX-T Federation-Introduction & Architecture
NSX-T Federation Topology
Before diving into the lab, I want to do a quick recap of the lab topology that I will be building in this post.
The following components in my lab are already built out :
1: Cross Link Router: This router is responsible for facilitating communication between Site-A & Site-B SDDC/NSX.
- Site-A ToR01/02 are forming BGP neighborship with Cross Link Router and advertising necessary subnets to enable inter-site communication.
- Site-B ToR01/02 are also BGP peering with the Cross Link Router and advertising subnets.
2: Site A/B ToR: The two ToRs in Site A/B are providing core infrastructure networking and have the following configured.
- VLANs for datacenter traffic (Mgmt, vMotion & VSAN) and overlay (ESX TEP, Edge TEP, RTEP, and Edge Uplinks) are configured here.
- Also, BGP (AS, Peers, etc) has been configured for Site A/B SDDC edges in advance.
3: NSX-T Config:
- The host has been configured as the transport nodes.
- Edges have been deployed and added to the edge cluster.
I will show the deployment/configuration of the following objects in this post.
- Stretched Tier 0 gateway.
- Stretched Tier 1 gateway.
- Stretched segments.
- BGP configuration on stretched Tier 0.
Stretched Tier 0 Deployment/Configuration
To deploy a stretched T0 gateway, login to NSX-T global manager and navigate to Networking > Network Overview > Tier-0 Gateways, and click on the Add button.
Provide a name for the T0 gateway and select the HA mode.
If you are deploying an Active-Active datacenter, leave the option “Mark all locations as Primary” turned on, else turn off that option using the toggle button and manually specify the primary and secondary site.
Save the configuration after making the selection.
On switching context to the local NSX-T manager, you will see that the newly created T0 gateway appears there with GM appended in front of it. GM indicates that the object has been created via Global Manager.
Stretched Tier 1 Deployment/Configuration
Similarly, deploy a T1 gateway via the global manager and connect it to the global T0 gateway.
Note: By default T1 gateway will be stretched across all sites participating in federation, but you can limit the span of the T1 gateway by toggling the option “Enable Edge Clusters for Services or Custom span”
Create Stretched Segments
This task is pretty straight forward. Just create 3 segments and attach them to the stretched T1 gateway. Segments will then start showing up across all sites.
To verify this, switch the context to the local NSX-T manager and ensure newly created segments show up there with GM appended in front of the name.
Interestingly the transport zone for these segments is auto-allocated when segments are stretched to local NSX-T sites.
Configure T0 Gateway Interfaces
Create VLAN backed logical segments that will serve as interfaces for the T0 gateway across sites.
Since I have 2 sites added, I created 4 logical segments.
Next is to edit the T0 gateway and configure interfaces.
You have to create 4 interfaces per site. In each site, you might have 2 edge gateways and there will be 2 interfaces per edge vm’s.
The below diagram shows the interface configuration of my T0 for Site A/B.
Configure BGP on Stretched T0
Edit BGP settings and set the Local AS number as per your environment.
Under BGP neighbors, click on the set button to define BGP peers.
My BGP neighbor configuration is shown in the image below.
Also, I have enabled Route Re-distribution on T0.
We have to define Route Re-distribution for all the sites across which T0 is stretched.
And that concludes this post. In the next post of this series, we will see federation in action.
I hope you enjoyed reading this post. Feel free to share this on social media if it is worth sharing 🙂