Uncategorized

ESX/NSX nested lab – Part II

This part continues to build out NSX on top of the Nested ESX cluster created in the last part ESX/NSX nested lab – Part I.

Part I included some basic NSX setup for convenience such as.

  1. NSX Manager installed from OVF, and linked to vCenter.
  2. Physical network ESXi uplinks included allowed vLAN 100 for vxlan.
  3. distributed switch set to allow Jumbo 9000 MTU,  (> 1600 MTU require for NSX )

 

  1. Install NSX on hosts
    1. Create IP pools
      nsx3
      Networking & Security – Groups – IP Pools
      1. Controller-pool  ( in management IP LAN )
        10.24.10.1 – 10.24.10.5    /16
      2. vTEP-pool ( create new unused LAN subnet + vLAN for vxlan )
        10.100.1.10 – 10.30.1.20  /24  vlan: 100,  GW: 10.100.1.1, no DNS
        The vxlan GW is not used here – this would typically be a hardware device that routes vxlan to vLAN.
    2. Setup new vLAN 100 for vxlan segment on physical switch
      Important: Set  vxlan (  vlan 100 ) mtu to 1600 on physical switch.
      E.G. For Cisco 2970 switch

      config t
vlan 100
name vxlan
mtu 1600
exit
exit
    3. Install one Controller ( into NSX-compute cluster )
      For a lab, only a single controller needed – not three
      Controllers can run on non NSX prepared hosts ( e.g in Management cluster )
    4. Install NSX to Compute cluster ( with 3 Nested ESX/NSX hosts )
    5. Prepare vxlan on hosts
    6. Setup Segment ID
      1. pool: 5000-5999      ( 999 segments )
      2. Multicast: 239.1.1.1-239.1.4.254  ( for optional multicast )
    7. Setup transport zone ‘Global’
      1. To include NSX-compute cluster,  Unicast mode
  2. Test vTEP connectivity
    After NSX install each host should have a vTEP ( with IP from vtep-pool  )
    connected to the autogenerated vxlan portgroup.
    Login to one of the nested hosts and ping the vTEP on other hosts.  Make sure at least one Nested host is on a different physical host to verify physical connetivity.

    1. ssh esx-n1 ( host )
      esxcfg-vmknic -l  (  show vmkernal nics and IP’s )  Note vmk3 is used for vxlan.

      vmkping ++netstack=vxlan -s 1470 -d -I vmk3 10.100.1.10
vmkping ++netstack=vxlan -s 1570 -d -I vmk3 10.100.1.11
    2. The 2nd command should ping to show MTU 1600 is working. If only the 1st command pings , then you need to set mtu size on vlan 100.   Ping to all  combinations nested hosts vtep ip’s

Links

  1. Nested ESXi 6.5 virtual appliance   (vGhetto)
  2. Nested ESXi LearnSwitch   (vGhetto)
  3. How to clone a nested ESXi VM  (vGhetto)
  4. NSX issue on dvs in nested ESXi  (telecomOccasionally)
  5. Nested Virtualization  (Limitless) installing ESX, trunked portgroup

2 thoughts on “ESX/NSX nested lab – Part II

  1. Pingback: Definitive Nested ESXi 6.5/NSX guide – Nuance of iqlusion
  2. Pingback: ESX/NSX nested lab – Part I – Nuance of iqlusion

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s