Skip to main content

Tunnel Endpoints

Tunnel endpoints are essential in VMware NSX-T  for managing network connectivity across different environments. They handle the encapsulation and decapsulation of network traffic as it moves between overlay and underlay networks. Here are the key aspects of tunnel endpoints in NSX-T. Its uses in both East-West as well as North-South traffic communication.





Geneve Tunneling Protocol: NSX-T uses the Geneve tunneling protocol for encapsulating overlay traffic. Geneve offers a flexible and extensible framework, ensuring efficient and secure communication among virtual machines (VMs) and NSX-T logical networks.


Tunnel Endpoint (TEP) IP Addresses: Each hypervisor host or NSX-T Edge node is assigned a unique TEP IP address as its tunnel endpoint. These addresses are used for encapsulating and decapsulating overlay traffic between different endpoints.


Overlay Transport Zone (OTZ): An Overlay Transport Zone defines the scope of network communication within an overlay infrastructure. TEP IP addresses are assigned to hypervisor hosts or NSX-T Edge nodes within an Overlay Transport Zone, facilitating proper encapsulation and routing of overlay traffic within that zone.


TEP (VXLAN Tunnel Endpoint):  Tunnel Endpoint (TEP) is a software component on a hypervisor host or NSX-T Edge node responsible for encapsulating and decapsulating overlay traffic. TEPs are associated with TEP IP addresses and enable communication between overlay and underlay networks.


Gateway TEPs: In NSX-T , Gateway Tunnel Endpoint (Gateway TEP) represents the TEP IP address associated with an NSX-T Edge node functioning as a gateway. Gateway TEPs route traffic between overlay and external networks, establishing connectivity with physical or virtual networks beyond the NSX-T environment.


It's important to note that specific configurations and functionalities of tunnel endpoints in NSX-T may vary depending on deployment models, network architecture, and use cases. For comprehensive information on tunnel endpoints and their implementation in NSX-T .

I recommend consulting VMware's official documentation, such as the NSX-T Administration Guide and the NSX-T Design Guide.

Comments

Popular posts from this blog

Changing the FQDN of the vCenter appliance (VCSA)

This article states how to change the system name or the FQDN of the vCenter appliance 6.x You may not find any way to change the FQDN from the vCenter GUI either from VAMI page of from webclient as the option to change the hostname always be greyed out. Now the option left is from the command line of VCSA appliance. Below steps will make it possible to change the FQDN of the VCSA from the command line. Access the VCSA from console or from Putty session. Login with root permission Use above command in the command prompt of VCSA : /opt/vmware/share/vami/vami_config_net Opt for option 3 (Hostname) Change the hostname to new name Reboot the VCSA appliance.   After reboot you will be successfully manage to change the FQDN of the VCSA . Note: Above step is unsupported by VMware and may impact your SSL certificate and face problem while logging to vSphere Web Client. If you are using self-signed certificate, you can regenerate the certificate with the

Collecting Logs from NSX-T Edge nodes using CLI

  This article explains how to extract the logs from NSX-T Edge nodes from CLI. Let's view the steps involved: 1) Login to NSX-T  Edge node using CLI from admin credentials. 2) Use of  " get support-bundle " for Log extraction. get support-bundle command will extract the complete logs from NSX-T manager/Edge nodes. nsx-manager-1> get support-bundle file support-bundle.tgz 3) Last step is to us e of " copy file support-bundle.tgz url " command. copy file will forward your collected logs from the NSX-T manager to the destination(URL) host from where you can download the logs. copy file support.bundle.tgz url scp://root@192.168.11.15/tmp Here, the URL specified is the ESXi host ( 192.168.11.15) under /tmp partition where logs will be copied and from there one can extract it for further log review. Happy Learning.  :)

Removing NSX-T manager extension from vCenter

In NSX-T starting from ver 2.4 NSX-T appliance got decoupled from vCenter where now its not mandatory to run NSX-T on vCenter platform only. Now NSX-T can be managed through standalone ESXi host, KVM or through container platform. As in version 2.4 there is still an option available to connect vCenter to NSX-T using Compute Manager. Here in this blog we will learn how we can unregister and register NSX-T extenstion from vCenter in case of any sync or vCenter connectivity issue with NSX-T. Lets get started.. 1) Login to NSX-T UI Go to -> System ->Compute Manager Here, vCenter is showing in Down status where the status is showing as "Not Registered" 2) When we click on "Not Registered" option its states below error. 3) When try to click on Resolve option its states below. At this stage if the Resolve option doesn't work then its require the remove the NSX-T extenstion from vCenter. To remove the NSX-T e