VMware NSX

 View Only
  • 1.  Logical Switch without DLR

    Posted Mar 23, 2016 07:07 PM

    If I choose not to deploy a DLR, but deploy logical switches, can I still perform all routing on my physical routers?  Obviously this is not advisable, but is it possible?



  • 2.  RE: Logical Switch without DLR
    Best Answer

    Broadcom Employee
    Posted Mar 23, 2016 07:57 PM

    You'd need something method of getting the traffic from the logical switches to the physical network.  In order for the traffic on those logical switches to reach the physical network you'd need to do one of two/three things:


    1.  Bridge the VXLAN with a VLAN (logical switch to distributed port group).  In NSX 6.2, this requires a DLR.

    2.  Connect the logical switch to an Edge Services Gateway as the default gateway, and uplink of the Edge Services Gateway to a VLAN-based port group.

    3.  I also believe you can add a hardware-based VTEP endpoint, which will act as a bridge between the logical switch and a physical VLAN.





  • 3.  RE: Logical Switch without DLR

    Posted Mar 23, 2016 08:06 PM

    great - thanks!



  • 4.  RE: Logical Switch without DLR

    Posted Apr 24, 2016 12:12 PM

    If a Logical Switch is used with a Hardware VTEP for Vxlan Bridging, it is currently not possible to attach a DLR to this logical switch. If in case DLR functionality (Distributed Routing) is needed between this Vxlan and other Logical Switches this Hardware VTEP may need to be removed:

    Do I need a hardware VTEP for my NSX for vSphere? | Telecom Occasionally

    "Reference topologies in NSX make extensive use of Distributed Routing, but using HW VTEP to bridge LS with VLAN is not compatible with DLR, and need special attention during design phase."

    With software bridging, a Logical Switch connected to a DLR can also be bridged to a VLAN-backed dvPortgoup. In such case, both VMs and physical endpoints can use the DLR as their IP gateway.

    However current implementation of NSX HW VTEP bridging does not support such configuration. If a Logical Switch is connected to a DLR, it will not be possible to attach a “Hardware Port” to it.

    Though this may change in the upcoming releases:

    https://www.vmguru.com/2015/10/the-future-of-virtual-networking-from-vmworld-part-1/ 

    When you create a Logical Switch, it is pushed towards all ESXi and hardware switches so you can easily bridge virtual and physical ports. When you create a Logical Router, it would also be pushed to both the ESXi hosts (through NSX native protocol) and to the hardware switches (through OVSDB), creating a complete distributed routing layer. Packets would be routing through the most efficient paths.

    This also creates a cool new way to optimise routing inside the physical network, without creating large configurations on each switch and add a lot of complexity to the network. If implemented in a largely physical workload network, this will optimise routing paths immensely.