Notes on VMware NSX Logical Routing

Here are my course notes from the VCP6-NV v6.2 Course touching on NSX Logical Routing. I will keep posting the rest of my notes in hopes it will assist someone else as it did me.

5.1

  • Routing is the process of forwarding packets between different IP networks
  • Routers and L3 switches use route knowledge in route tables
  • STATIC ROUTES: must be manually configured
    • Fine tune route selection
    • Static route aggregation of route prefix
    • Changes are not quick
    • Limited scale
  • DYNAMIC ROUTING: exchange and update routes with dynamic protocols
    • Inform neighbors of failures
    • Network divided into autonomous systems
    • Interior gateway protocols IGPs
      • RIPv2
      • OSPF (supported by NSX)
      • EIGRP
      • IS-IS
    • Exterior gateway protocols EGPs
      • BGP (supported by NSX)
  • Autonomous systems (AS)
    • Collection of network prefix
    • Network
    • Subnets
    • Summary address
    • Supernets
    • IGP within AS
    • EGP between AS route info

 

5.2 Routing Protocols

  • OSPF
    • Uses the link-state SPF algorithm
    • Uses a backbone (area 0); other areas must connect to this area
    • Uses path cost metric
    • Uses stub areas and NSSAs (not-so-stubby areas) to limit the amount of network info exchanged
    • Uses link-state database to maintain routes
      • All routers have a copy of the link-state database – shared via flooding
    • Equal cost uses both paths
    • On broadcast and non-broadcast multi-access networks, OSPF routers elect designated routers to reduce overhead caused by adjacency
    • Designated and backup designated routers form full adjacency to exchange route info
    • ABR
      • Area border router that connect two or more ospf areas
      • Keeps individual copy of LSDB
    • ASBR
      • Autonomous system boundary routers connect ospf admin domain to external networks
    • Adjacency formed by multicasting info to other ospf enabled routers
    • By default no authentication is used for adjacency negotiation, but it can be configured so the adjacency can't be hijacked
    • IR internal router
      • Single area OSPF
    • AREA TYPES
      • NORMAL
        • Contain and exchange advertisements types and route types
      • STUB
        • Does not get routes external to the AS
      • NOT SO STUBBY
        • Stub that can import external AS routes and send them to other areas, but can't get external routes from other areas
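
The note above that OSPF adjacencies use no authentication by default can be checked on the wire: every OSPFv2 packet carries an AuType field in its common header (RFC 2328). The following is an added example, not part of the course material or any VMware tooling; it parses that header and flags packets sent with null or simple-password authentication. The router IDs, area IDs and sample headers are constructed.

```python
import struct
import ipaddress

# OSPFv2 common header (RFC 2328, A.3.1): 24 bytes, network byte order.
OSPF_HDR = struct.Struct("!BBH4s4sHH8s")
PKT_TYPES = {1: "Hello", 2: "DB Description", 3: "LS Request", 4: "LS Update", 5: "LS Ack"}
AU_TYPES = {0: "null", 1: "simple-password", 2: "cryptographic"}

def parse_ospf_header(data: bytes) -> dict:
    """Parse the OSPFv2 common header from the start of an OSPF payload."""
    if len(data) < OSPF_HDR.size:
        raise ValueError("truncated OSPF header")
    ver, ptype, _length, rid, area, _cksum, autype, auth = OSPF_HDR.unpack_from(data)
    if ver != 2:
        raise ValueError(f"not OSPFv2 (version {ver})")
    hdr = {
        "type": PKT_TYPES.get(ptype, f"unknown({ptype})"),
        "router_id": str(ipaddress.IPv4Address(rid)),
        "area_id": str(ipaddress.IPv4Address(area)),
        "auth": AU_TYPES.get(autype, f"unknown({autype})"),
    }
    if autype == 2:
        # Cryptographic auth: 2 zero bytes, key ID, digest length, sequence number.
        _zero, key_id, auth_len, seq = struct.unpack("!HBBI", auth)
        hdr.update(key_id=key_id, auth_len=auth_len, seq=seq)
    return hdr

def audit(packets):
    """Return (router_id, area_id, finding) for every packet with weak or no auth."""
    findings = []
    for raw in packets:
        h = parse_ospf_header(raw)
        if h["auth"] == "null":
            findings.append((h["router_id"], h["area_id"], "no authentication"))
        elif h["auth"] == "simple-password":
            findings.append((h["router_id"], h["area_id"], "cleartext password on the wire"))
    return findings

def _hdr(rid, area, autype, auth=bytes(8)):
    return OSPF_HDR.pack(2, 1, 44, ipaddress.IPv4Address(rid).packed,
                         ipaddress.IPv4Address(area).packed, 0, autype, auth)

SAMPLES = [  # constructed Hello headers (checksum left as 0), not captured traffic
    _hdr("192.0.2.1", "0.0.0.0", 0),
    _hdr("192.0.2.2", "0.0.0.0", 1, b"s3cret\x00\x00"),
    _hdr("192.0.2.3", "0.0.0.10", 2, struct.pack("!HBBI", 0, 1, 16, 1000)),
]

if __name__ == "__main__": print(*audit(SAMPLES), sep="\n")
```
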

 

  • BGP
    • Path vector routing protocol
    • Highly scalable
    • Exchanges routes across AS
    • Only works with BGP peers
    • NSX supports only equal cost multipathing
    • eBGP for different AS and iBGP for same AS
  • AS
    • Set of routers under a single technical administration that uses an IGP to route inside
    • Has unique ASN
    • Peers manually configured to exchange info
    • iBGP internal and must use mesh
  • Route redistribution: process of importing routes from one protocol into another
  • IP prefixes can restrict routes in the process

 

 

5.3 Distributed Logical Router

  • Physical > vm > router implemented in hypervisor
  • Hairpinning – when VMs running on a hypervisor (on different networks) have to go out through a router
  • Routing between virtual networks is distributed in the hypervisor
  • DLR lets host make L3 routing decisions
    • A network that has 2 VXLAN number IDs and overlapping addresses must have separate DLRs
  • Uses DLR control vm for control plane
  • Connects directly to logical switches via logical interfaces
  • Best for E-W traffic
    • LIF owned by DLR
    • Vmac is mac of LIF
    • LIF is default gw
  • DLR control vm communicates with nsx manager and the nsx control cluster
  • Nsx manager sends LIF info to DLR control vm and control cluster
  • DLR send route updates
  • High performance low overhead
  • Scales with number of hosts
  • 8 way ECMP on uplink
  • Doesn’t support OSPF and BGP on the same instance
  • OSPF requires an IP address for the uplink on the LIF on the DLR for data plane comms
  • An IP used exclusively for control conversation with the control VM
  • BGP and OSPF peering established with the protocol address
  • N-S edge service GW
  • E-W DLR
  • NSX routing TOPOLOGY
    • Enterprise: all VXLANs on one DLR interface
    • Multitenant: can have own DLR instance and each ESG can have 10 interfaces
    • Each edge can have 200 sub ints
    • High scale multitenant: IP space cannot overlap unless on different edge services gateways
  • 02:50:56:56:44:52
  • Can use floating static route in 6.2
  • If using only static routes no need to use DLR control vm

 

5.4 Edge service GW router

  • DHCP
  • VPN
  • NAT
  • Dynamic routing
  • Load balancing
  • Can support ospf and BGP
  • Sh ip ospf neighbors
  • Sh ip ospf database
  • Sh ip bgp
  • Sh ip ospf interface
  • Sh ip bgp neighbors
  • Sh ip route
  • Supports AD
