Installing VMware NSX – Part 7

So far the topology in this series has a three tier logical application deployed. It also has an Edge Services Gateway connected to the uplink of the logical router with an uplink of its own to the physical infrastructure. The next step is informing the Edge Services Gateway about Logical Interfaces (LIFS) connected to the logical router. This can be performed by a dynamic routing protocol such as OSPF, IS-IS, BGP or traditional static routing.

Screen Shot 2014-06-26 at 3.09.16 pm

This example seeks to use an Interior Gateway Protocol (IGP) know as Open Shortest Path First (OSPF). The first configuration point will be the Logical Distributed Router. Select NSX Edges and double-click on the Logical Distributed Router that was deployed previously.

Screen Shot 2014-06-27 at 2.11.48 pm

Under the Manage tab select Routing, Global Configuration and select Edit on Dynamic Router Configuration.

Screen Shot 2014-06-27 at 2.12.40 pm

Select the Router ID. In this example this is the Uplink interface that connects to the Transit Logical Switch facing the Edge Services Gateway.

Screen Shot 2014-06-26 at 3.27.08 pm

Accept the changes and click Publish Changes. Select the OSPF tab on the left side.

Screen Shot 2014-06-26 at 3.24.22 pm

Note the default configuration of OSPF. The Area to Interface mapping, Area Definition and OSPF Configuration need to occur. Click the Edit button for OSPF Configuration.

Screen Shot 2014-06-26 at 3.24.38 pm

Tick the Enable OSPF box. The Protocol address is that of the Control VM for the Logical Router. The Control VM is responsible for maintaining the control plane of OSPF e.g. maintains OSPF state, neighbour relationships and route propagation. The Forwarding Address is the uplink interface IP address. Click OK to finish.

Screen Shot 2014-06-26 at 3.24.46 pm

Next click the Green Plus under Area Definitions. OSPF neighbours need to peer with routers with the same area ID. We defined Area 10 earlier and therefore we need to use this again.

Screen Shot 2014-06-26 at 3.27.49 pm

Select the Uplink interface. This is the interface you want to present to OSPF to be included in the routing protocol.

Screen Shot 2014-06-26 at 3.27.54 pm

Review the changes and now click Publish Changes. This will enable OSPF on your Logical Router.

Screen Shot 2014-06-26 at 3.29.04 pm

Click the Route Redistribution menu along the left side. Notice how there is already a redistribution rule for any Connected interface into OSPF.   Remember these? All these L3 interfaces are directly connected interfaces.

Screen Shot 2014-06-26 at 3.28.17 pm

By redistributing connected routes into OSPF it will allow our LIFs that are in the kernel of every hypervisor to be redistributed. This will present the LIFs via routes in OSPF to the NSX Edge Services Gateway.

Now it is time to enable OSPF on the Edge Services Gateway.

Screen Shot 2014-06-26 at 3.20.56 pm

Double click the Edge Services Gateway. This will open an advanced preference pane. Select the Manage tab and it will display settings about the Virtual Appliance. Select Routing.

Screen Shot 2014-06-26 at 3.21.08 pm

Notice the Default Gateway is already populated from the deployment window.

Select the Edit button next to Dynamic Routing Configuration.

Screen Shot 2014-06-26 at 3.21.20 pm

The Router-ID needs to be configured. Use the interface address of the Uplink interface. Do not enable OSPF from this window. Click Save.

Screen Shot 2014-06-26 at 3.22.13 pmPublish the changes by clicking the Publish Changes banner across the top. This allows administrators to configure various elements and Publish when ready. Along the left side select OSPF.

Screen Shot 2014-06-26 at 3.22.20 pm

Network Engineers will note familiar terminology here in regards to OSPF. Click the Green Plus under the Area Definitions section.

Screen Shot 2014-06-26 at 3.23.31 pm

Next create an area for OSPF. The area in this example is 10. If required, change the Authentication, and then click OK. Next, select the Green Plus under the Area to Interface Mapping section.

Screen Shot 2014-06-26 at 3.23.48 pm

Configure the interface that is required in the OSPF routing process and the area it should be residing in. Area 10 is the example used here.

Screen Shot 2014-06-26 at 3.27.54 pm

Notice the vNIC in Area to Interface Mapping is now in Area 10 with the default timers. Up the top click Enable to enable the OSPF protocol. To confirm that OSPF is enable and the routes are being received from the Logical Router.

Screen Shot 2014-06-27 at 3.35.30 pm

Here I have used SSH to log into the NSX Edge Services Gateway. The command show ip route will show that our redistributed networks on the logical router are being advertised by OSPF to the Edge Services Gateway. The default route is in place. We can see from the output of show ip ospf statistics that the Shortest Path First algorithm has been run. Show ip ospf neighbors outputs the neighbour relationship between the Logical Router and Edge Services Gateway.

This post has seen the administrator configure dynamic routing on the NSX Edge Services Gateway and the Logical Router. Now that the logical application has a connectivity method to the physical world. The next post will look at vNIC level fire walling with distributed firewall and start of policy enforcement.

6 thoughts on “Installing VMware NSX – Part 7”

    1. Yes. OSPF can be configured between two ESGs, between a DLR and ESG, ESG and Physical device, and DLR and Physical device.

      1. Thank you, buddy! i have two esxi hosts in my environment, i deployed the ESG on each host, i configured OSPF on the two ESG, but when i run command ‘show ip route’ on edge gateway service, i can’t find ospf item, i can only see the connected and static route item. So i am confused if we can configure ospf between ESG. But now i got your answer, i will try to make it work. thanks!

Leave a Reply

Your email address will not be published. Required fields are marked *