VMware NSX Lab in a night = awesome

So… VMware’s NSX is super awesome! I’m one of those weird guys that find playing with networking and virtualization on a Monday night more fun and exciting than a weekend in Vegas. Ok, maybe not so much, but still somehow I managed to stay up past midnight deploying an NSX “Lab” just by messing with it. I say screw the guide, I learn better by just pressing buttons and breaking things… I’m not doing this for a client so what gives? Let’s poke…

After some fun I’ve gone from just knowing concepts of SDN to a fully usable network running on top of VMware NSX. It’s complete with:

  • Single 6.2 controller
  • VXLAN transport on a Force10 S60 with PIM and IGMP snooping enabled
    • Since I already had Distributed vSwitches, it was very easy to provision the transport
  • Multicast Transport Zone and segment ID
  • Single NSX Edge running OSPF connecting to the S60 core and redistributing connected networks
  • Single logical switch (for now)
  • Two VM’s on two different hosts to test connectivity
  • Smiles

Captured live flows while downloading a CentOS ISO from a mirror site just to test speeds.

Screen Shot 2016-02-23 at 12.35.01 AM

So far i’m very impressed with what NSX can do, and i’ve only scratched the surface. Think stretched networks over L3, per-VM firewall policies both at Layer 3 and Layer 2 levels, Logical routers between virtual switches, each with its own ACLs, HA edges, so many cool things!. Only 59 days left…

It’s almost 1am and I should really go to sleep now. Good night.

2 thoughts on “VMware NSX Lab in a night = awesome

  1. Hi! Nice work! Would you like to share your physical configuration of Force10 FTOS switch? We are struggling to find correct multicast settings for the very similar setup.

    1. All i had to do is just enable IP Multicast Routing. I didn’t get into specific groups or filtering. These are the commands i used:

      ip multicast-routing
      ip igmp snooping enable

      I’m running an S60 as my core switch in the lab, version 8.3.3.10. The S60 does OSPF back with my physical firewall and router, and got it to exchange routes with NSX Edge so it knew how to get back. Firewall advertises default route in OSPF too, so all routing once OSPF was enabled in NSX just worked.

      The dvSwitch has 4 uplinks, not in LACP/LAG, just standalone and using load distribution based on physical NIC load.

      Hope this helps!

Leave a Reply