Automating deployment of 8-way ECMP

Quite a while ago NSX for vSphere brought the ability to use ECMP for Edges. This allowed multiple paths within the network for increase availability and bandwidth for applications. ECMP is nothing new to networking and is quite the done thing these days.

With NSX you would create the number of edges you require and subsequently go and configure the following:

  • Edge Deployment
  • Enable BGP
  • Configure Local
  • Enable ECMP
  • Configure Router ID
  • Disable Edge Firewall
  • Configure upstream peer(s)
  • Configure downstream peer

This was done for each edge. Now it is great to use the UI for some things but repetitive tasks leave a lot to be desired. So I imagine there is some joy in the ability to deploy the edges rapidly.

Introducing the 8-way ECMP script – deploying BGP ECMP with DLR and Logical Switching in minutes!

What do I need?

There are some prerequisites. The script requires a
* prepared NSX cluster for VXLAN
* controllers deployed
* ability to reach NSX Manager API
* PowerNSX / PowerCLI

Note that this script will use the NSX edge form factor of compact due to lab requirements. This is totally fine for lab and validation testing. To get the best performance in production please use xlarge.

If you need an automated installer of NSX then have a look at this script.

What does the script give me?

So lets take stock of what we have. The script deploys everything and all an administrator needs to provide is environment specific inputs for:

  • the “upstream routers” uplink network
  • Management or Edge cluster details
  • Datastore details

By modifying the details in the parameter block this becomes quite easy to manage. If required, it is possible to remove the upstream-router and use point beyond NSX is required.

What does it look like?

Looks a bit like this

screenshot-2016-11-03-22-54-35

Validating this

By using SSH to gain access to the Edge I can see if the Edge is receiving routes. It should have each of the 10 networks attached to the DLR being advertised by BGP. This is due to them being redistributed.

This topology has an upstream router for testing and validation. Here we can see in the routing table that the networks connected to the downstream DLR have 8 potential paths through the network. Each Edge represents additional throughput/bandwidth and a path way.

The 201-210 networks in the 172.16.x.0 range are the LIFs that are being redistributed into BGP by the DLR.

 

upstream-edge-0> sh ip route

Codes: O - OSPF derived, i - IS-IS derived, B - BGP derived,
C - connected, S - static, L1 - IS-IS level-1, L2 - IS-IS level-2,
IA - OSPF inter area, E1 - OSPF external type 1, E2 - OSPF external type 2,
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

Total number of routes: 13

C 172.16.10.0/24 [0/0] via 172.16.10.1
B 172.16.20.0/24 [20/0] via 172.16.10.11
B 172.16.20.0/24 [20/0] via 172.16.10.12
B 172.16.20.0/24 [20/0] via 172.16.10.13
B 172.16.20.0/24 [20/0] via 172.16.10.14
B 172.16.20.0/24 [20/0] via 172.16.10.15
B 172.16.20.0/24 [20/0] via 172.16.10.16
B 172.16.20.0/24 [20/0] via 172.16.10.17
B 172.16.20.0/24 [20/0] via 172.16.10.18
B 172.16.201.0/24 [20/0] via 172.16.10.11
B 172.16.201.0/24 [20/0] via 172.16.10.12
B 172.16.201.0/24 [20/0] via 172.16.10.13
B 172.16.201.0/24 [20/0] via 172.16.10.14
B 172.16.201.0/24 [20/0] via 172.16.10.15
B 172.16.201.0/24 [20/0] via 172.16.10.16
B 172.16.201.0/24 [20/0] via 172.16.10.17
B 172.16.201.0/24 [20/0] via 172.16.10.18
B 172.16.202.0/24 [20/0] via 172.16.10.11
B 172.16.202.0/24 [20/0] via 172.16.10.12
B 172.16.202.0/24 [20/0] via 172.16.10.13
B 172.16.202.0/24 [20/0] via 172.16.10.14
B 172.16.202.0/24 [20/0] via 172.16.10.15
B 172.16.202.0/24 [20/0] via 172.16.10.16
B 172.16.202.0/24 [20/0] via 172.16.10.17
B 172.16.202.0/24 [20/0] via 172.16.10.18
B 172.16.203.0/24 [20/0] via 172.16.10.11
B 172.16.203.0/24 [20/0] via 172.16.10.12
B 172.16.203.0/24 [20/0] via 172.16.10.13
B 172.16.203.0/24 [20/0] via 172.16.10.14
B 172.16.203.0/24 [20/0] via 172.16.10.15
B 172.16.203.0/24 [20/0] via 172.16.10.16
B 172.16.203.0/24 [20/0] via 172.16.10.17
B 172.16.203.0/24 [20/0] via 172.16.10.18
B 172.16.204.0/24 [20/0] via 172.16.10.11
B 172.16.204.0/24 [20/0] via 172.16.10.12
B 172.16.204.0/24 [20/0] via 172.16.10.13
B 172.16.204.0/24 [20/0] via 172.16.10.14
B 172.16.204.0/24 [20/0] via 172.16.10.15
B 172.16.204.0/24 [20/0] via 172.16.10.16
B 172.16.204.0/24 [20/0] via 172.16.10.17
B 172.16.204.0/24 [20/0] via 172.16.10.18
B 172.16.205.0/24 [20/0] via 172.16.10.11
B 172.16.205.0/24 [20/0] via 172.16.10.12
B 172.16.205.0/24 [20/0] via 172.16.10.13
B 172.16.205.0/24 [20/0] via 172.16.10.14
B 172.16.205.0/24 [20/0] via 172.16.10.15
B 172.16.205.0/24 [20/0] via 172.16.10.16
B 172.16.205.0/24 [20/0] via 172.16.10.17
B 172.16.205.0/24 [20/0] via 172.16.10.18
B 172.16.206.0/24 [20/0] via 172.16.10.11
B 172.16.206.0/24 [20/0] via 172.16.10.12
B 172.16.206.0/24 [20/0] via 172.16.10.13
B 172.16.206.0/24 [20/0] via 172.16.10.14
B 172.16.206.0/24 [20/0] via 172.16.10.15
B 172.16.206.0/24 [20/0] via 172.16.10.16
B 172.16.206.0/24 [20/0] via 172.16.10.17
B 172.16.206.0/24 [20/0] via 172.16.10.18
B 172.16.207.0/24 [20/0] via 172.16.10.11
B 172.16.207.0/24 [20/0] via 172.16.10.12
B 172.16.207.0/24 [20/0] via 172.16.10.13
B 172.16.207.0/24 [20/0] via 172.16.10.14
B 172.16.207.0/24 [20/0] via 172.16.10.15
B 172.16.207.0/24 [20/0] via 172.16.10.16
B 172.16.207.0/24 [20/0] via 172.16.10.17
B 172.16.207.0/24 [20/0] via 172.16.10.18
B 172.16.208.0/24 [20/0] via 172.16.10.11
B 172.16.208.0/24 [20/0] via 172.16.10.12
B 172.16.208.0/24 [20/0] via 172.16.10.13
B 172.16.208.0/24 [20/0] via 172.16.10.14
B 172.16.208.0/24 [20/0] via 172.16.10.15
B 172.16.208.0/24 [20/0] via 172.16.10.16
B 172.16.208.0/24 [20/0] via 172.16.10.17
B 172.16.208.0/24 [20/0] via 172.16.10.18
B 172.16.209.0/24 [20/0] via 172.16.10.11
B 172.16.209.0/24 [20/0] via 172.16.10.12
B 172.16.209.0/24 [20/0] via 172.16.10.13
B 172.16.209.0/24 [20/0] via 172.16.10.14
B 172.16.209.0/24 [20/0] via 172.16.10.15
B 172.16.209.0/24 [20/0] via 172.16.10.16
B 172.16.209.0/24 [20/0] via 172.16.10.17
B 172.16.209.0/24 [20/0] via 172.16.10.18
B 172.16.210.0/24 [20/0] via 172.16.10.11
B 172.16.210.0/24 [20/0] via 172.16.10.12
B 172.16.210.0/24 [20/0] via 172.16.10.13
B 172.16.210.0/24 [20/0] via 172.16.10.14
B 172.16.210.0/24 [20/0] via 172.16.10.15
B 172.16.210.0/24 [20/0] via 172.16.10.16
B 172.16.210.0/24 [20/0] via 172.16.10.17
B 172.16.210.0/24 [20/0] via 172.16.10.18
C 192.168.100.0/24 [0/0] via 192.168.100.173

Happy days! Topologies made easy with PowerNSX! Download the script here and feedback always welcome.
Coming up soon – using Copy-NsxEdge to make it a whole lot easier!

Leave a Reply

Your email address will not be published. Required fields are marked *


*