Objective 5.1 – Create and Administer Logical Switches

Posted by

1

Knowledge

  • Configure IP address assignments

    I’m not clear what is being asked for here, the only relevant section I can find is in the design guide, and is basically the following:

    • The IP address assignment depends on whether the virtual machine is connected to a logical switch through a NAT or a non-NAT configuration
      •  NAT In the deployments where organizations have limited IP address space, NAT is used to provide address translation from private IP space to the limited public IP addresses. By utilizing Edge services router, users can provide individual tenants with the ability to create their own pool of private IP addresses, which ultimately get mapped to the publicly routable external IP address of the external Edge services router interface.
      • Non-NAT Organizations that are not limited by routable IP addresses, have virtual machines with public IP addresses or do not want to deploy NAT can use static and dynamic routing features available with the NSX platform. In the NSX platform two different modes of logical routing is supported. One is called distributed routing and the other one as centralized routing. The distributed routing provides better throughput and performance for the East West traffic while the centralized routing handles the North South traffic.
  • Add/Remove a logical switch
    • Log in to the vSphere Web Client.Click Networking & Security and then click Logical Switches.
    • Click the New Logical Switch icon.
    • Type a name and description for the logical switch.
    • Select the transport zone in which you want to create the virtualized network. The Scope Details panel displays the clusters that are part of the selected transport zone and the services available to be deployed on the scope.
    • By default, the logical switch inherits the control plane mode from the transport zone. You can change it to one of the other available modes:
      • Unicast: The control plane is handled by an NSX controller. All traffic replication is handled locally by the hypervisor. No multicast IP addresses or special network configuration is required.
      • Hybrid: The optimized unicast mode. Offloads local traffic replication to physical network. This requires IGMP snooping on the first-hop switch, but does not require PIM. First-hop switch handles traffic replication for the subnet.
      • Multicast: Multicast IP addresses on physical network are used for the control plane. This mode is recommended only when you are upgrading from older VXLAN deployments. Requires PIM/IGMP on physical network.
    • Click OK.
  • Modify control plane mode
    • Login to the vSphere Web Client
    • Click Networking & Security and then click Logical Switches.
    • Select the logical switch that you want to edit.
    • Click the Edit icon
    • By default, the logical switch inherits the control plane mode from the transport zone. You can change it to one of the other available modes:
      • Unicast: The control plane is handled by an NSX controller. All traffic replication is handled locally by the hypervisor. No multicast IP addresses or special network configuration is required.
      • Hybrid: The optimized unicast mode. Offloads local traffic replication to physical network. This requires IGMP snooping on the first-hop switch, but does not require PIM. First-hop switch handles traffic replication for the subnet.
      • Multicast: Multicast IP addresses on physical network are used for the control plane. This mode is recommended only when you are upgrading from older VXLAN deployments. Requires PIM/IGMP on physical network.
    • Click OK
  • Connect a logical switch to an NSX Edge gateway
    • Log in to the vSphere Web Client.
    • Click Networking & Security and then click Logical Switches.
    • Select the logical switch that you want to connect an NSX Edge.
    • Click the Add Edge Gateway (5.1.Add Edge Gateway) icon.
    • Select the NSX Edge to which you want to connect the logical switch and click Next.
    • Select the interface that you want to connect to the logical switch and click Next.
    • A logical network is typically connected to an internal interface.
    • On the Edit Edge Gateway Interface page, type a name for the NSX Edge interface.
    • Click Internal or External to indicate whether this is an internal or external interface.
    • Select the connectivity status of the interface.
    • If the NSX Edge to which you are connecting the logical switch has Manual HA Configuration selected, specify two management IP addresses in CIDR format.
    • Edit the default MTU if required.
    • Click Next.
    • Review the NSX Edge connection details and click Finish.
  • Deploy services to a logical switch
    • Log in to the vSphere Web Client.
    • Click Networking & Security and then click Logical Switches.
    • Select the logical switch on which you want to deploy services.
    • Click the Add Service Profile (5.1.Add Service Profile) icon.
    • Select the service and service profile that you want to apply.
    • Click OK.
  • Connect/Disconnect virtual machines
    • Log in to the vSphere Web Client.
    • Click Networking & Security and then click Logical Switches.
    • Select the Logical Switch to which you want to add virtual machines.
    • Click the Add “+” icon.
    • Select the vNics that you want to connect.
    • Click Next.
    • Review the vNics you selected.
    • Click Finish.
  • Test logical switch connectivity
    • A ping test checks if two hosts in a VXLAN transport network can reach each other.
    • Log in to the vSphere web client.
    • Click Networking & Security and then click Logical Switches.
    • In the Name column, click the logical network that you want to test
    • Click the Hosts tab.
    • Select a host.
    • Click the More Actions (5.1.More Actions) icon and select Test Connectivity. The Test Connectivity Between Hosts in the Network dialog box opens. The host you selected in step 5 appears in the Source host field. Select Browse to select a different source host.
    • Select the size of the test packet.

      VXLAN standard size is 1550 bytes (should match the physical infrastructure MTU) without fragmentation. This allows NSX to check connectivity and verify that the infrastructure is prepared for VXLAN traffic.

      Minimum packet size allows fragmentation. Hence, NSX can check only connectivity but not whether the infrastructure is ready for the larger frame size.

    • In the Destination panel, click Browse Hosts.
    • In the Select Host dialog box, select the destination host.
    • Click Select.
    • Click Start Test.
    • The host-to-host ping test results are displayed.
  • Determine distributed virtual switch type and version for a given NSX implementation
    • There are 2 types of vSwitch supported for VMware NSX
      • VMware Distributed vSwitch (vDS)
      • Open vSwitch (OVS)
    • The following types of vswitch are not supported for the NSX transport layer
      • VMware Standard vSwitch (vSS)
      • Cisco Nexus 1000v
    • The version of vSwitch can be found here:
      • Log in to the vSphere web client.
      • Click Networking
      • Click on a vSwitch, and the manufacturer and version are displayed on the right hand pane.
        5.1.DVS version

Tools

  • NSX Installation and Upgrade Guide
  • NSX Administration Guide
  • NSX Manager
  • vSphere Web Client

One thought on “Objective 5.1 – Create and Administer Logical Switches

  1. Pingback: VMware VCP-NV NSX Study Resources | darrylcauldwell.com

Leave a comment