
Section 1.1.2 - Prepare hosts and clusters


Next we are going to prepare the hosts and clusters for the NSX features.  We will start by installing the NSX firewall, then we will proceed with the logical network preparation.

1. First we will go to the NSX plugin.

2. That will bring us to the NSX home screen. Down the left side you will see all the tools we will be using. Click on the Installation tool.

3. The first thing you will see in the Installation tool is a list of your NSX Managers and controllers. You should see 1 and only 1 NSX Manager (there can be only one). You will not see any NSX controllers yet, because we haven’t deployed any.

4. Next we will click on the Hosts Preparation tab.  Nothing is configured at this time.

5.  Hover over the right side of the Installation status box on the row of the cluster you wish to configure and you will see an install button.  Click it and choose yes.  You may do this for all the clusters you have.

6. Once it is complete you will see the installation status with the version installed and the firewall enabled. This is the most basic install you can configure. The NSX firewall can be used to protect your VMs and do micro-segmentation at this point.

The installation process installed the VIBs for NSX onto all the ESX hosts in your cluster. This is a CLUSTER-level feature; you cannot isolate individual hosts.

Next we will do the prep work for configuring logical networks.   Logical networks need a segment ID range, a Transport zone and VXLAN configuration.

— Configure VXLAN and vTEPs

1.  You should now see that the VXLAN is not configured for either cluster.   To configure click on the gear wheel in the VXLAN Column of the cluster you are configuring.  Choose configure VXLAN.

2. The VXLAN wizard will pop up. First you need to select the switch where the VMkernel ports for the vTEPs will be created. You will need to provide a VLAN ID and set the MTU. The MTU MUST be 1600 or greater (MAX 9000), so you need to have the MTU set properly on your physical network as well.

3. Next select how you will assign IP addresses to the vTEPs. You can use DHCP, but I prefer to use IP pools. Select Use IP Pool and create a new pool.

4. Choose your failover teaming. Make sure it matches your physical network. If you don’t have LACP enabled on the physical layer you can’t use LACP.

5. Click OK and your cluster will start to configure the vTEPs for the hosts. Proceed to configure the next cluster.

-- Next we will configure logical network support. Click on the Logical Network Preparation tab.

1. First we will configure a Segment ID. A Segment ID is similar to, but not the same as, a VLAN ID. The range for VMware starts at 5000 and can go as high as 16777215. However, you can only have a maximum of 60,000 logical networks on your DVSwitches. That is the maximum number of port groups that can be in a vCenter install. For my lab I make it 5000-6000. Click on the Edit button and populate the range.

2. Next click on Transport Zones. A transport zone defines which clusters will be used to back the logical switches. A logical switch is created inside a transport zone and cannot span transport zones. You cannot configure logical routers to route between transport zones, nor can you configure an Edge router that is connected to a logical switch in 1 transport zone to have an interface on a logical switch in a different transport zone. Click on the green “+”.

3. Give the transport zone a name and, if you wish, a description. The replication mode really depends on your network. If you already have multicast enabled on your physical switches you can choose multicast and the switches will handle the VXLAN replication. In my lab I use unicast because I don’t have switches that can support multicast. This means the NSX controllers handle the replication of all the VXLAN information between ESX hosts.
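A pre-flight check for the values chosen in the steps above, as an added example that is not part of the original notes. The limits come from the text; the plan field names, hop names, addresses, teaming labels and the one-vTEP-per-host count are assumptions made up for illustration.

```python
import ipaddress

# Limits taken from the steps above.
SEGMENT_MIN, SEGMENT_MAX = 5000, 16777215
MTU_MIN, MTU_MAX = 1600, 9000

def check_vxlan_plan(plan):
    """Return a list of problems in a planned host/cluster preparation."""
    problems = []
    mtu = plan["vtep_mtu"]
    if not MTU_MIN <= mtu <= MTU_MAX:
        problems.append(f"vTEP MTU {mtu} outside {MTU_MIN}-{MTU_MAX}")
    # Every physical hop must carry frames at least as large as the vTEP MTU.
    for hop, hop_mtu in plan["physical_mtu"].items():
        if hop_mtu < mtu:
            problems.append(f"{hop} MTU {hop_mtu} below vTEP MTU {mtu}")
    lo, hi = plan["segment_ids"]
    if lo > hi or lo < SEGMENT_MIN or hi > SEGMENT_MAX:
        problems.append(f"segment range {lo}-{hi} outside {SEGMENT_MIN}-{SEGMENT_MAX}")
    # The IP pool needs one address per vTEP VMkernel port.
    first, last = (ipaddress.ip_address(a) for a in plan["ip_pool"])
    pool_size = int(last) - int(first) + 1
    needed = plan["hosts"] * plan["vteps_per_host"]
    if pool_size < needed:
        problems.append(f"IP pool has {pool_size} addresses, {needed} vTEPs need one each")
    if plan["teaming"] == "LACP" and not plan["physical_lacp"]:
        problems.append("LACP teaming selected but not enabled on the physical switches")
    if plan["replication"] == "multicast" and not plan["physical_multicast"]:
        problems.append("multicast replication selected but physical switches lack multicast")
    return problems

# Constructed sample plan (all values are made up for illustration).
SAMPLE_PLAN = {
    "vtep_mtu": 1600,
    "physical_mtu": {"tor-switch": 1600, "core-uplink": 1500},
    "segment_ids": (5000, 6000),
    "ip_pool": ("192.168.50.10", "192.168.50.12"),
    "hosts": 4, "vteps_per_host": 1,  # assumption: one vTEP per host
    "teaming": "LACP", "physical_lacp": False,
    "replication": "unicast", "physical_multicast": False,
}

if __name__ == "__main__":
    for problem in check_vxlan_plan(SAMPLE_PLAN):
        print("FAIL:", problem)
```

The sample plan fails on the uplink MTU, the undersized IP pool and the LACP mismatch; the segment range and unicast replication pass.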

We have now completed the prep work before we can deploy NSX controllers.   The next post will cover that topic.

 

