NSX-T Fundamentals: Logical Networking

Captions
Hello everyone, thank you for watching again. For today I want to go back to basics with NSX-T, and the reason for that is that I'm seeing an awful lot of really, really great content on really advanced topics: that's NSX Federation, that's doing bridging, all kinds of advanced use cases. I was talking to a customer the other day, and what really struck me is that not everyone is as far along on the NSX and network virtualization journey as we often think. If we're heavily invested in NSX and we're working on it on a day-by-day basis, you might easily forget or neglect that a lot of people are still very much starting on the journey.

So with that perspective I wanted to do a really basic introduction of network virtualization. In my last video I kind of explained how I set up my home lab environment, really simple, really basic, and today I just want to let you see how basic NSX logical switching and logical routing works.

Let's start off with switching to a simple diagram. This is basically what I'm trying to achieve, and it might seem a bit complex. Let's get that video out of the way so you get a full picture. As you can see, I'm really just building a simple three-tier application. I'm going to try something new here: I have my web tier with two virtual machines, I have an application tier and a database tier. These virtual machines are all connected to NSX segments, or logical switches in the old terminology. The logical switches are connected to a distributed router, because that's one of the core functions of NSX: the default gateway, so the first-hop gateway of every virtual machine, is a distributed router which is deployed by NSX.

So what is a distributed router? The distributed router is a kernel module, so it's an in-memory component that's running in each and every ESXi host prepared for NSX. That means that the default gateway for each virtual machine connected to an NSX segment is always going to be the ESXi server. That basically prevents us from having to hairpin our traffic all the way to a physical router or a firewall or, more generally speaking, a layer 3 device in our network, so we don't have to traverse that physical link back to the ESXi server. Worst case scenario, if web01 and app01 are running on ESXi server one and you're not using network virtualization, that means that the traffic still needs to traverse the physical network all the way up to your physical router, then back to that ESXi server, back into the virtualization stack, and that's basically a really inefficient way of doing routing.

In the new situation, if we're running a distributed router with NSX, then as you can see here, if I want to route traffic from web01 to app01, I'm just hitting the ESXi server, the distributed router, and I'm going to route my traffic into my app01 virtual machine. It never hits the physical wire. This routing is being done in memory, so this is really, really powerful and it really optimizes the way we route traffic in our data center.

What you see here in this diagram is that on the left-hand side we have the physical view and on the right-hand side we have the logical view. The logical view is really simple, it's really basic: it's just a layer 3 device, a router, and it has three networks connected with my virtual machines. If we zoom in a bit on the physical side again, here you can see that to actually route traffic using the distributed router between ESXi hosts, so for example if web02 is running on ESXi server 02 and I want to route traffic to that machine from app01, which is running on ESXi 01, then we're going to need to hit a physical wire. The physical wire is basically a single VLAN, a single transport network, which we will use to transport the encapsulated Geneve traffic.

Now, Geneve is the network virtualization, or overlay, protocol that NSX-T uses. This basically means that if my IPv4 packet hits the TEP interface, so that's the tunnel endpoint interface for the Geneve tunnel, then my IPv4 packet will be encapsulated here, or my Geneve packet will be encapsulated here, and it will be transported over a basic IP network. The only requirement is that we have an MTU size of 1600 bytes or larger so we can accommodate the encapsulation. In most implementations you'll see an MTU size of 9000, but basically all we do is encapsulate the traffic, or the packet, and we transport it across an IP network to the other ESXi server. The TEP interface here does the de-encapsulation and it gets routed to web02, which is running on there.

Now, this might all seem a bit complex, so what I want to do now is dive into a demo in my demo environment and let you see how we configure this topology. In my previous video I showed you how to set up the transport networking, the transport nodes, the edges, et cetera. So what we need is to deploy distributed routers, which are called T1 and T0 gateways. You can forget the T0 and T1 terminology for now; I will dive into the hierarchy of routing of NSX-T in a separate video. In this demo I'm simply going to use a tier 1 distributed router, which is running as a kernel module in memory on each and every ESXi server.

What you see here is a T1 gateway, which runs my distributed router, which I'm going to use to connect my three segments. The three segments are my web tier, my application tier and my database tier. In fancy NSX terminology these are now called segments; in NSX-V we called them logical switches. It doesn't really matter: these are just the networks to which virtual machines get connected. If I switch back to my vCenter view, you'll see that these port groups, or these logical switches or segments, are visible in the vCenter client. I have my application virtual machine; you can see a small "N" icon there, which is representative of NSX of course. I've connected my application virtual machine to this logical switch, my database VM to the database logical switch and my two web servers to the web logical switch. So it's really basic.

If I take another view, so if I look at the configuration of my virtual machine, it's just as simple as connecting the network adapter to this segment. That's really nothing special other than just connecting it. If you want to connect it to a traditional VLAN-backed port group, then it works in just the same way.

Switching back to the NSX view again, let's take the app segment for example. The app segment is connected to my tier 1 logical router, which runs my distributed router. I configure it with an IP address, so a default gateway address in a CIDR method of writing it down, so that's 10.0.101.1/24, and here you can see that there's one virtual machine connected to this segment, which is my app01.

If we take a look at the diagram to see the interface that I just created on the distributed router, we're looking at the application segment, the app segment, and here I configured a .1 IP address for the 10.0.101.0/24 segment. As you can see here, it does some really smart stuff to make sure that the default gateway is always one hop away. This kind of goes against traditional networking rules, but, physically speaking, logically speaking, there is only one default gateway: the distributed router is a single logical entity distributed across all the ESXi servers participating in NSX. So as you can see here, I can have a .1 here and a .1 there. If there are two virtual machines connected to this segment and they are both running on other ESXi servers, then physically the gateway is different.

Switching back to my home lab environment again, let's take a look at the other segments. I'm basically doing the same for my database segment: I have it connected to the tier 1 gateway and configured an IP address for the default gateway, and the same for the web interface.

Okay, so let's take a look at where my virtual machines are running. I'm running app01 and web01 on ESXi 01, ESXi 02 is running web server 02 and ESXi 03 is running my database virtual machine. So let's do some basic tests here. Let's log on to web01 to do some basic ping testing. I'm going to ping my default gateway; that's successful. If I now log on to web02 and do the same test, so I'm also going to ping the default gateway, then you will see that I'm also able to ping that same gateway, which is actually now the ESXi host's distributed router kernel module responding, and that's really interesting to see.

What's also interesting to see is if I try to ping the application virtual machine, which is running alongside web01, so that is ping 10.0.1.1. So I'm now routing traffic... let's switch to my iPad again. I'm now basically routing traffic from web01 to app01, and this means from a physical perspective that I'm not hitting a physical wire; I'm just routing here. Now, if I want to do the same ping test from web02 to app01, then I'm going to need to traverse the physical wire back up here to app01. So on web02 I'm going to ping 10.0.101.150, which is my application server. This is now traversing: I'm pinging from web01 through my distributed router, it's hitting the TEP interface, it's being encapsulated, it's being transported across the IP network, it gets de-encapsulated by the TEP interface and it gets routed to the application interface.

Now, this is basic NSX-T logical routing. In my next video I want to dive into a couple of new concepts or constructs. We're now just talking about a distributed router running on a T1 logical router, and in my next video I'm going to introduce the concept of a service router and I'm going to explain and demo the hierarchy of T0 routing and T1 routing. So yes, stay tuned on my channel. Hopefully this was informative; I hope you picked up some new stuff on NSX-T. It's really exciting, I'm just scratching the surface here, so bear with me and see you next time. Thanks.
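
The Geneve encapsulation and the 1600-byte MTU requirement mentioned in the captions can be made concrete with the following added example, which is not part of the video or its transcript. It builds and parses the RFC 8926 Geneve header and computes the underlay MTU an encapsulated frame needs; the VNI value, the IPv4 underlay and the 1500-byte guest MTU are assumptions chosen for illustration.

```python
import struct

GENEVE_UDP_PORT = 6081   # IANA-assigned destination port (RFC 8926)
ETH_BRIDGING = 0x6558    # protocol type: payload is a full Ethernet frame
OUTER_IPV4, OUTER_UDP, GENEVE_BASE, INNER_ETH = 20, 8, 8, 14

def build_geneve(vni, options=b""):
    """Return a Geneve header for a 24-bit VNI plus pre-encoded options."""
    if len(options) % 4 or len(options) > 252:
        raise ValueError("options must be 4-byte aligned, at most 252 bytes")
    if not 0 <= vni < 1 << 24:
        raise ValueError("VNI is a 24-bit value")
    first = (0 << 6) | (len(options) // 4)  # version 0, length in 4-byte words
    return (struct.pack("!BBH", first, 0, ETH_BRIDGING)
            + vni.to_bytes(3, "big") + b"\x00" + options)

def parse_geneve(data):
    """Parse a Geneve header and return its fields and the inner payload."""
    if len(data) < GENEVE_BASE:
        raise ValueError("truncated Geneve header")
    first, flags, proto = struct.unpack("!BBH", data[:4])
    version, opt_len = first >> 6, (first & 0x3F) * 4
    if version != 0:
        raise ValueError("unsupported Geneve version")
    if len(data) < GENEVE_BASE + opt_len:
        raise ValueError("options run past end of packet")
    return {
        "vni": int.from_bytes(data[4:7], "big"),
        "opt_len": opt_len,
        "control": bool(flags & 0x80),    # O bit
        "critical": bool(flags & 0x40),   # C bit
        "protocol": proto,
        "payload": data[GENEVE_BASE + opt_len:],
    }

def required_underlay_mtu(inner_mtu, opt_len=0):
    """IP MTU the transport VLAN needs for a guest packet of inner_mtu bytes.
    The outer Ethernet header is not counted because MTU is an IP-layer size."""
    return (OUTER_IPV4 + OUTER_UDP + GENEVE_BASE + opt_len
            + INNER_ETH + inner_mtu)

def fits(inner_mtu, underlay_mtu, opt_len=0):
    return required_underlay_mtu(inner_mtu, opt_len) <= underlay_mtu

if __name__ == "__main__":
    hdr = build_geneve(5001, b"\x00" * 8)   # constructed sample VNI and options
    print(parse_geneve(hdr + b"inner-frame"))
    print(required_underlay_mtu(1500), fits(1500, 1500), fits(1500, 1600, 48))
```

With no options a 1500-byte guest packet needs 1550 bytes on the transport network, so a 1600-byte underlay MTU leaves 50 bytes of headroom for Geneve options, while a default 1500-byte underlay cannot carry it without fragmentation or drops.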
Info
Channel: Jeffrey Kusters
Views: 8,477
Rating: 4.9808612 out of 5
Keywords: iMovie
Id: 94L7EKo-Cqk
Length: 15min 39sec (939 seconds)
Published: Thu Oct 29 2020