In this series, we are going to configure our Edge Services Router in NSX 6.4
Blog Series
- Installing NSX-V 6.4
- Configure Controller Nodes and enable CDO mode in NSX-V 6.4
- One Page View of all NSX-V commands
- Configure VXLAN and Prepare ESX hosts for VXLAN traffic
- Configure the Transport Zone and Logical Switches
- Configure Distributed Logical Router
- Configure Edge Services Router (ESG)
- Verifying VXLAN Connectivity
- Regenerate Self-signed Certificate on NSX-V
- DLR VM SSH Access
- Backup NSX-V Manager
- Dynamic routing with OSPF in DLR
- Dynamic routing with OSPF in ESG
- VMware NSX Edge Load Balancer
- VMware NSX Edge Load Balancer SSL Offloading
- NSX-V Firewall & Microsegmentation
- NSX-V Firewall Service Composer
An ESG router will have an UPLINK interface connected to our Managament portgroup wherein it can connect to the external network such as Internet. The INTERNAL Interface on the ESG is connected to the Distributed Logical router.
The main purpose of an ESG router is to enable our Virtual machines to gain access to the outside world.
These are the functions an ESG router can offer
- Firewall
- Load Balancer
- Routing
- VPN Services
- NAT
Create Edge Service Gateway
Select NSX Edges tab in the left panel – Click Add and choose Edge
Choose a name and select Deploy Control VMs to deploy VM for the router.
Specify the username and password and click Next.
Click on Add Edge Appliance VM.
Click Next to proceed
In the configure Interface tab, we define two interfaces for edge services router
ESG-2-Internet will be our Uplink and it’s connected to our Management Network – VLAN 1611. We also need to add an IP address and this IP will need to communicate to our VLAN1611 gateway.
The 2nd interface on the ESG is for a connection to the Internal Network which is a connection to our Distributed logical router
ESG-2-DLR will be our Internal network, we connect that network to VLAN2711. VLAN 2711 is a transit network connection to our DLR router. We also need to add an IP address and this IP will need to communicate to our VLAN2711 gateway.
When the interfaces are created, click Next to proceed
Leave the gateway section as blank as this can be configured later.
Leave the firewall policy disabled
Review and click finish
Once the Edge and DLR router VM’s are ready, we willl see the status as Deployed.
Configure Default Gateway for NSX Edge
Go to Routing Section – Edit and Add IP address 172.16.11.253 .
172.16.11.253 is our IP address of our default gateway of VLAN 1611 ( management VLAN )
That completes all configurations required for our ESG router to talk to our DLR router