
Showing posts with the label NSX-T

NSX-T BGP Neighbor validation

BGP is one of the most popular options for establishing routing adjacencies between NSX and existing networks. It can be configured on the Tier-0 Logical Router. This article demonstrates the various places from which you can validate the BGP neighbor status from the T0 to its associated ToR switches in the rack. Let's get started. The BGP status can be validated using the NSX-T Manager UI or from the NSX-T Edge CLI. First, let's discuss the NSX-T Manager UI method: log in to the NSX-T Manager UI, click on MANAGER mode, click on Network, then select the desired T0 Gateway > Action > Generate BGP Summary. This will show the BGP connection status. If the connection status shows "ESTABLISHED", the T0 router has successfully peered with the ToR switch. The second method is to validate the BGP connection status from the NSX-T Edge nodes. Steps involved: Login to NSX-T Edge node using SSH Get into the lo...

What's new in NSX-T 3.0

VMware made various enhancements in NSX-T version 3.0. Let's talk about the architecture changes in NSX-T version 3.0. Some of the changes below concern the internal communication mechanism between the NSX-T components. They are: Architecture ramp-up: NSX Manager and its cluster communicate with their transport nodes through the APH Server (Appliance Proxy Hub). NSX Manager communicates with NSX-Proxy through port 1234. CCP (Central Control Plane) communicates with NSX-Proxy through port 1235. RabbitMQ messaging is replaced with NSX-RPC between the management plane and CCP. Alarm and Events: NSX-T version 3.0 introduces Alerts and Events, which help in the active monitoring of different components of the environment. Network Topology UI: NSX-T 3.0 provides a view of the network topology, which gives a diagram of each component of NSX-T. This view gives about numbers of VM connecte...

NSX-T Manager Node Recovery

In an NSX-T environment, there are scenarios where a manager node instance must be taken out of the cluster for abnormal reasons, for example when issues occurred during the upgrade of the manager node instance, or in other abnormal circumstances where the node cannot be recovered from the NSX-T Manager UI. To recover or replace the node in the manager cluster, a manual process is required. Let's discuss the manual path to recover or replace a Manager Node in the cluster. 1) Log in to the NSX-T Manager using the CLI. 2) Use the command 'get cluster status'. This command lists all the NSX-T manager/controller nodes in the cluster. Find the UUID of the existing node and cluster to identify the node that needs to be recovered or replaced. 3) Now that we have identified the manager node ID from the above command, it's time to detach the node from the cluster. Using detach node command "node id" will remove the node from the clus...

Removing NSX-T manager extension from vCenter

Starting from version 2.4, the NSX-T appliance is decoupled from vCenter, so it is no longer mandatory to run NSX-T on the vCenter platform only. NSX-T can now be managed through a standalone ESXi host, KVM or a container platform. In version 2.4 there is still an option to connect vCenter to NSX-T using Compute Manager. In this blog we will learn how to unregister and register the NSX-T extension from vCenter in case of any sync or vCenter connectivity issue with NSX-T. Let's get started. 1) Log in to the NSX-T UI and go to System -> Compute Manager. Here, vCenter is showing in Down status and the registration status is showing as "Not Registered". 2) When we click on the "Not Registered" option, it states the error below. 3) When we try to click on the Resolve option, it states the following. At this stage, if the Resolve option doesn't work, then it is required to remove the NSX-T extension from vCenter. To remove the NSX-T e...

NSX-T Data Center 2.4 Management and Control Plane agents

In the previous article I described the NSX-T DC 2.4 management plane and central control plane, which are now converged into one NSX Manager node. MPA (Management Plane Agent): this agent is located on each transport node and communicates with the NSX Manager. NETCPA: it provides communication between the central control plane and the hypervisor. The management plane and the central control plane (CCP) run on the same virtual appliance but perform different functions; their technical aspects are covered below. The NSX cluster can scale to a maximum of 3 NSX Manager nodes running the management plane and CCP. Communication process: The nsx-mpa agent on the transport node communicates with the NSX Manager over a RabbitMQ channel on port 5671. The CCP communicates with the transport node through nsx-proxy on port 1235. The task of the NSX Manager is to push the config to the CCP. The CCP con...

NSX-T Control Plane Components

In NSX-T Data Center the control plane is split into 2 components: the Central Control Plane (CCP) and the Local Control Plane (LCP). Let's discuss each of them. Central Control Plane (CCP): The central control plane computes and disseminates the ephemeral runtime state based on the configuration from the management plane and the topology reported by the data plane elements. Local Control Plane (LCP): It runs at the compute endpoint, such as on a transport node (ESXi, KVM, bare metal). It computes the local ephemeral runtime state for the endpoint based on the updates from the CCP and LCP information. The LCP pushes stateless configuration to the forwarding engines in the data plane and reports the information back to the CCP. This process eases the task for the CCP and enables the platform to scale to thousands of different types of endpoints (hypervisors, containers, hosts, bare metal or public cloud).

Architecture layout of NSX-T Data Center

As we all know, NSX is one of the retro products of VMware in network and security. It runs on any device, any cloud and any application. At present, one can run it and its connectivity on most public clouds, such as Alibaba, IBM Cloud, AWS or Azure. Let's talk about the all-rounder of NSX, which is NSX Transformer (NSX-T), which can communicate with various platforms like ESXi, KVM, containers, OpenStack and many more. To continue the conversation about NSX-T Data Center, let's discuss its major elements. There are 3 main elements of NSX-T Data Center: 1) Management Plane 2) Control Plane 3) Data Plane. In NSX-T Data Center version 2.4 the Management and Control Plane are converged, meaning they are now available on a single VM, or you can say in one OVF. 1) Management Plane: It is designed with advance clustering technology, which allow the platform...

CDO Mode in NSX Controller

CDO (Controller Disconnect Operation) mode in NSX Controller. CDO mode ensures data plane connectivity in a multisite environment when the primary site loses connectivity. You can enable CDO mode on the secondary site to avoid any temporary connectivity issues related to the data plane. When the primary site is down or not reachable, the CDO logical switch is used only for control plane purposes, and therefore it is not visible under the Logical Switches tab.

About NSX VTEP Reports

NSX Controller VXLAN directory services. There are basically 3 types of tables under VTEP: 1) MAC Table 2) ARP Table 3) VTEP Table. MAC Table: The MAC table includes the VNI, the MAC address and the VTEP ID that reported it. If an unknown unicast frame is received by a VTEP, the VTEP sends a MAC table request to the NSX Controller for the destination MAC address. If the NSX Controller has the MAC address in the MAC table, it replies to the VTEP with information on where to forward the frame. If the NSX Controller does not have the MAC address in the MAC table, then the VTEP floods the frame to the other VTEPs. ARP Table: The ARP table is used to suppress broadcast traffic. IP reports generate the ARP table. The VTEPs send a copy of each MAC address and IP mapping that they have. This report is called the IP report. NSX controller creates a ARP ta...

NSX VXLAN Logical Switch Replication mode

The NSX Controller is the central control point for all logical switches within a network and maintains information about all virtual machines, hosts, logical switches and VXLANs. The controller supports two new logical switch control plane modes: 1) Unicast 2) Hybrid. The replication mode tells NSX how to manage BUM traffic sent from a virtual machine. Multicast Mode: Control plane operation is based on multicast flooding and learning. BUM traffic replication is based on L2 and L3 multicast. It requires IGMP and multicast routing. Unicast Mode: Control plane operation is based on the NSX Controller cluster. BUM traffic replication is based on unicast (one destination at a time). Hosts depend on the UTEP (unicast TAP) for replication of traffic on remote signal. Hybrid Mode: BUM traffic replication is based on unicast and L2 multicast. Local replication is offloaded to the physical network. Remote replication is based on unicast. ...

Overview on VXLAN

VXLAN (Virtual Extensible Local Area Network): A logical switch reproduces switching functionality (unicast, multicast or broadcast) in a virtual environment that is completely decoupled from the underlying hardware. Logical switches are similar to VXLAN in that they provide network connections to which you can attach virtual machines. The VMs can communicate with each other over VXLAN if they are connected to some logical switches. About VXLAN LIF: The DLR supports logical switches that are backed by VXLAN. First-hop routing is handled on the host, and the traffic is switched to the appropriate logical switch. If the destination is on another host, the Ethernet frame is placed in a VXLAN frame and forwarded. Only one VXLAN LIF can connect to a logical switch. The next hop can be an NSX Edge Services Gateway. A VXLAN LIF can span all distributed switches in the transport zone.