VMware NSX


 Transport node of Edge cluster member must belong to overlay transport zone ?!

TryllZ posted Jun 04, 2024 03:31 PM

Hi,

This is my very 1st attempt with stretched networking, and I am facing an issue with RTEP and Tier-1 Gateway, which fails and shows the below errors.

[Routing] Transport node b08d84fa-1234-4110-b4cc-fce02b1e0e52 of Edge cluster member must belong to overlay transport zone 1b3a2f36-bfd1-443e-a0f6-4de01abc963e of logical router dec562f9-2825-4047-be91-d353b2b047dd.
[Routing] Transport node a7aaa288-af1e-4510-ad79-91a8d54219a5 of Edge cluster member must belong to overlay transport zone 1b3a2f36-bfd1-443e-a0f6-4de01abc963e of logical router dec562f9-2825-4047-be91-d353b2b047dd.
[Routing] Transport node b08d84fa-1234-4110-b4cc-fce02b1e0e52 of Edge cluster member must belong to overlay transport zone 1b3a2f36-bfd1-443e-a0f6-4de01abc963e of logical router dec562f9-2825-4047-be91-d353b2b047dd.
[Routing] Transport node a7aaa288-af1e-4510-ad79-91a8d54219a5 of Edge cluster member must belong to overlay transport zone 1b3a2f36-bfd1-443e-a0f6-4de01abc963e of logical router dec562f9-2825-4047-be91-d353b2b047dd.

In the above errors:

ID b08d84fa-1234-4110-b4cc-fce02b1e0e52 is of Edge Node1

ID a7aaa288-af1e-4510-ad79-91a8d54219a5 is of Edge Node2

ID 1b3a2f36-bfd1-443e-a0f6-4de01abc963e refers to the NSX Default Transport Zone, even though I have created my own Overlay Transport Zone, which is added to both Edge Nodes.

3 Transport Zones (My Overlay, My VLAN, and System Default RTEP) are added to the Edge Nodes.

The Edge Nodes are receiving an IP from the RTEP IP Pool, as can be seen below. The Edge Nodes' RTEP is in VLAN 1165; Host and Edge TEPs are in VLAN 1160.

UUID                                   VRF    LR-ID  Name                              Type
00002200-0000-0000-0000-000000000802   4      2050   REMOTE_TUNNEL_VRF                 RTEP_TUNNEL
Interfaces (IPv6 DAD Status A-DAD_Success, F-DAD_Duplicate, T-DAD_Tentative, U-DAD_Unavailable)
    Interface     : 6b02940f-a58b-540b-b9d4-d70cfffc2481
    Ifuid         : 289
    Mode          : cpu
    Port-type     : cpu
    Enable-mcast  : false

    Interface     : 633edbed-db7e-56d5-8d98-63f08d77bbf7
    Ifuid         : 290
    Mode          : ****
    Port-type     : ****

    Interface     : dbe23a94-25b8-44ce-9e2a-15c4eb07d893
    Ifuid         : 292
    Mode          : loopback
    Port-type     : loopback
    IP/Mask       : 127.0.0.1/8;::1/128(NA)

    Interface     : d6c11abe-413d-4fc7-9cfb-d62e4e470766
    Ifuid         : 291
    Name          : remote-tunnel-endpoint
    Fwd-mode      : IPV4_ONLY
    Internal name : uplink-291
    Mode          : lif
    Port-type     : uplink
    IP/Mask       : 10.11.65.73/24;fe80::250:56ff:fe8f:33f7/64(NA) <--- IP v4 received from IP Pool
    MAC           : 00:50:56:8f:33:f7
    VLAN          : 1165
    Access-VLAN   : untagged
    LS port       : 67592eb3-964a-4fb3-bb91-fc5a04ed4339
    Urpf-mode     : PORT_CHECK
    DAD-mode      : LOOSE
    RA-mode       : RA_INVALID
    Admin         : up
    Op_state      : up
    Enable-mcast  : False
    MTU           : 1700
    arp_proxy     :

The above error shows when creating a Stretched Tier-1 Gateway in Global Manager; the Tier-0 Gateway is created successfully. This error is the same in the Edge Node alarms on all 3 sites, which tells me something is wrong in the configuration.

Broadcom Employee Francois Tallet

Not a federation guru, but I think federation only works with the default overlay transport zone.

Try editing your overlay transport zone and set it as default.

TryllZ

Thanks @Francois Tallet

I was following a video from Iwan Hoogendoorn who created new Overlay and VLAN Transport Zones, and it worked fine. The difference being he's using ver 3.x, I'm using 4.x.

I did try setting my Overlay Transport Zone as Default yesterday, and it ran into a different error for both Tier-0 and Tier-1 gateways.

I just remembered, I set my Transport Zone to Default after, which might have been the reason for the Tier-0 and Tier-1 Gateway errors. I will remove everything and set it to Default 1st, then configure everything, and see how it goes.

lleitao

Could it be that on the Global Manager side, the manually created Transport Zone has not been set as the Default Transport Zone for the Federation?

https://docs.vmware.com/en/VMware-NSX/4.1/installation/GUID-AD369B9D-4ADC-4CE9-B8DC-BB2B47C7BFBF.html

  • Verify that each location has a default overlay transport zone configured. From each Local Manager, select System > Fabric > Transport Zones. Select an overlay transport zone, and click Actions > Set as Default Transport Zone.

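The check quoted above, applied to the alarm text from the first post, as an added example that is not part of the thread: it extracts the node, zone and router IDs from the alarms and reports which Edge nodes are missing the required overlay transport zone and whether that zone is the location default. The inventory dictionaries, their field names and the `tz-my-*` IDs are constructed for illustration and are not NSX API output.

```python
import re

# Alarm lines as posted in the thread, including one repeat.
ALARMS = """\
[Routing] Transport node b08d84fa-1234-4110-b4cc-fce02b1e0e52 of Edge cluster member must belong to overlay transport zone 1b3a2f36-bfd1-443e-a0f6-4de01abc963e of logical router dec562f9-2825-4047-be91-d353b2b047dd.
[Routing] Transport node a7aaa288-af1e-4510-ad79-91a8d54219a5 of Edge cluster member must belong to overlay transport zone 1b3a2f36-bfd1-443e-a0f6-4de01abc963e of logical router dec562f9-2825-4047-be91-d353b2b047dd.
[Routing] Transport node b08d84fa-1234-4110-b4cc-fce02b1e0e52 of Edge cluster member must belong to overlay transport zone 1b3a2f36-bfd1-443e-a0f6-4de01abc963e of logical router dec562f9-2825-4047-be91-d353b2b047dd.
"""

UUID = r"[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}"
ALARM_RE = re.compile(
    rf"Transport node ({UUID}) of Edge cluster member must belong to "
    rf"overlay transport zone ({UUID}) of logical router ({UUID})")

# Constructed inventory mirroring the first post (RTEP zone omitted).
# Only DEFAULT_TZ and the node IDs come from the thread; the rest are placeholders.
DEFAULT_TZ = "1b3a2f36-bfd1-443e-a0f6-4de01abc963e"
ZONES = {
    DEFAULT_TZ: {"name": "NSX Default Transport Zone", "type": "OVERLAY", "default": True},
    "tz-my-overlay": {"name": "My Overlay", "type": "OVERLAY", "default": False},
    "tz-my-vlan": {"name": "My VLAN", "type": "VLAN", "default": False},
}
NODE_ZONES = {
    "b08d84fa-1234-4110-b4cc-fce02b1e0e52": {"tz-my-overlay", "tz-my-vlan"},
    "a7aaa288-af1e-4510-ad79-91a8d54219a5": {"tz-my-overlay", "tz-my-vlan"},
}

def parse_alarms(text):
    """Return unique (node, zone, router) triples in first-seen order."""
    return list(dict.fromkeys(ALARM_RE.findall(text)))

def audit(text, zones, node_zones):
    """List nodes that lack the overlay zone their alarm names."""
    defaults = [z for z, d in zones.items() if d["type"] == "OVERLAY" and d["default"]]
    findings = []
    if not defaults:
        findings.append("no default overlay transport zone at this location")
    for node, zone, router in parse_alarms(text):
        if zone in node_zones.get(node, set()):
            continue  # membership already satisfied, alarm is stale
        name = zones.get(zone, {}).get("name", "unknown zone")
        note = " (the location default)" if zone in defaults else ""
        findings.append(f"node {node}: not in {name}{note}, required by router {router}")
    return findings

if __name__ == "__main__":
    for line in audit(ALARMS, ZONES, NODE_ZONES):
        print(line)
```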

TryllZ

Thanks @lleitao

Appreciate you adding that, will check them.

TryllZ

An update on this.

I was earlier on version 4.1.0.2 which seemed to have some issue where the RTEP status would stay Not Configured even after configuration, tested with connecting Segments to VM as well.

I now deployed version 4.1.2 and now the RTEP Tunnel shows the status as Down.

Any advice on where to start looking for troubleshooting, as I can't seem to find any links particularly on RTEP troubleshooting?

Thank You

TryllZ

The RTEP status remained down due to the firewall. I removed the firewall completely and replaced it with a VyOS router, and with proper routes in place, all tunnels are up now.