Part 5 – Create Transport Zones & Uplink Profiles & IP Pools

Loading

What are Transport Zones:

Transport zones define how VMs on the host can communicate with each other and are used to separate dev/test environments. Members inside the transport zone can communicate with each other by default thus transport zone is just a span of logical segments.

Members within the transport zone aren’t able to communicate with each other ( eg: VM’s in the test transport zone won’t communicate with the prod transport zone) thus it limits a host’s ability to see only logical switches it needs to see.

There are two types of transport zones.

Overlay TZ: Create an overlay Transport zone to communicate with overlay segments within the NSX ( eg: App, DB, Web etc ). This transport zone is used by the host as well as Edge.

VLAN TZ: This transport zone focuses on VLAN uplinks used by Edge and Host transport nodes. A VLAN N-VDS gets installed when you add a node to this TZ. Create a VLAN-based transport zone to communicate with the non-overlay networks that are external to NSX-T Data Center.

Create Transport Zones

We will create an overlay transport zone and a VLAN transport zone.

On the NSX UI Home page, navigate to System > Configuration > Fabric > Transport Zones and click +ADD.

OptionAction
NameProd-Overlay-TZ
Switch NameProd-Overlay-NVDS
Traffic TypeOverlay

OptionAction
NameProd-VLAN-TZ
Switch NameProd-VLAN-NVDS
Traffic TypeVLAN

Create Uplink Profile

An uplink profile defines how you want your network traffic to go outside of NSX-T env. It’s to decide things like my TEP VLAN, MTU, and load balancing. In short, it’s how connectivity should work from NVDS to the network for the TEP network.

We will create two uplink profiles – So, so we have two different VLAN ID’s for Host TEP(1634) as well as Edge TEP(2713)

OptionIDPortGroup
VLAN1634NSXT-Overlay ( Host Uplink )
VLAN2713Edge Transport Overlay ( Edge TEP uplink)

Let’s create one for the host transport node. Navigate to System >Profiles >Uplink Profile >Click on +

Transport VLAN 1634 mean all hosts attached to this uplink profile will get a Tunnel Endpoint IP from this VLAN. I have configured DHCP for this VLAN on my TOR.

Teaming Policies

OptionAction
FailoverActive/Standy config
Load Balance Sourceuses the virtual port ID of VM to distribute the load
Load Balance Source on MACuses hash value so CPU load is higher

Select Load Balanced Source. And type ‘uplink-1,uplink-2’ in the ‘Active Uplink’ field as we go with the Active/Active configuration.

Give the VLAN ID for the esx that we are tagging.

One of the requirements for NSX-T overlay so that we use a higher MTU of over 1700 so, overlay traffic can be forward but in most cases this will be configured on the physical switch. If we are using VDS ( instead of NVDS we don’t need to configure anything here but for NVDS we must type an MTU value here. My hosts are on 7.0 so we are to skip it here which means if we leave it empty the default value of 1700 is taken.

I’ve defined a host uplink profile for my KVM Hosts as well

We must create one more uplink profile for the Edge Transport Node. Follow the same process for VLAN ID 2713. So, we have two different VLAN IDs for Host TEP as well as Edge TEP.

Verify the EDGE Uplink profile.

That now completes our task of creating profiles and we can see this info In NSX-T Manager – System > Fabric >Profiles > Uplink Profiles

Creating NSX-T IP Pools for TEPs

We will need to create two IP pools which is an internal IP address management system.

  • VTEP pool
  • Host TEP IP-Pool

Go to the IP management > IP address pools > Add IP ranges

Summary

Installing an NSXT 3.1 along with vCenter 7.0 is a process that does require careful planning. In the next post, we will migrate an existing environment configured with nvDS to a Converged NSX node switch type.

(Visited 514 times, 1 visits today)

By Ash Thomas

Ash Thomas is a seasoned IT professional with extensive experience as a technical expert, complemented by a keen interest in blockchain technology.

Leave a Reply