Deploying your Lab NSX-t 3.1 – Part 3

In our last blog post, we got to where we connected our workload to our newly created segment. At this point, you probably require internet access to and from your workloads or North-South connection. This blog post will guide you through the steps to connect your NSX-t with the outside world easily and quickly using a BGP connection.

In this blog I will cover the following activities:

  • Configure T0 Gateway
  • Vlan Segment
  • BGP Configuration
  • Connect T1 to T0
  • Route Re-Distribution

So let’s start with,

T0 Gateway Configuration

If you wish to simplify the NSX-t T0/T1 components, you can relate the T1 gateway to a physical switch, and T0 to a physical router. the T0 gateway is responsible for providing a North-South connection; or in other words, in/out connections. As in the physical world, the router requires interfaces. So our tasks begin with:

Creating a T0 gateway:

Browse to Networking -> Tier-0 Gateways ->; then click on Add Gateway -> Tier 0:

Now let’s provide a name for our Gateway (Oasis_t0_Gateway), HA Mode: Active-Standby, and assign the Edge Clusters:

Note that all the other configuration items are greyed out; so you must press SAVE and then edit, but before we edit, let’s create a VLAN segment:

Vlan Segment:

The VLAN segment is used to connect our T0 gateway to the BGP physical router (Top of the Rack), and in this blog post, I will be using a VLAN 20. Creating a VLAN segment is carried out in the same manner as that we used to create the regular segment we created in blog post 2. The steps to create the VLAN segment are listed as follows:

  • Browse to Segments
  • Press on Add Segment
  • Provide a Segment name (Ext_Seg20)
  • Transport Zone: Oasis_vLans
  • Vlan: 20
  • Save

T0 Gateway Interface:

After we create the VLAN segment, we must edit the T0 Gateway and create an interface where we can use the VLAN segment as the interface. To accomplish this, we will go through the following steps:

  • Edit the new created T0 Gateway
  • Under Interfaces – press “Set”
  • Press Add Interface
  • Name: Ext_Nic
  • Type: External
  • IP Address: 10.33.20.2/24 (note: Physical Router IP is 10.33.20.1)
  • Connect to Segment: Ext_Seg20 (note: use the VLAN segment)
  • Edge Node: Select your Edge node

BGP Configuration:

I’m using Unifi EdgeRouter4 on my lab, and to configure a BGP, I created a VLAN interface (VLAN:20)

Next, configure the BGP from the command line as follows:

<Enter Configuration> # configure <Set bgp ID> # set protocol bgp 64512 parameters router-id 10.33.20.1 <Set Neighbor> # set protocols bgp 64512 neighbor 10.33.20.2 remote-as 65000 <Allow network> # set protocols bgp 64512 network 0.0.0.0/0 <commit and save configuration> # commit; save
Code language: HTML, XML (xml)

After the physical router is configured, edit the T0 Gateway; browse to BGP, BGP Neighbors: Set and click “Add BGP Neighbor”:

  • IP Address: Physical Router IP address (10.33.20.1)
  • Remote AS: 64512
  • Source IP: 10.33.20.2
  • Save

Connect T1 to T0:

Connecting the T1 gateway to T0 is very simple. Browse to the T1 Gateways, Edit the Gateway you created on the previous blog, and on the “Linked Tier-0 Gateway”, choose the T0 Gateway:

Route Re-Distribution

The last step is to enable route distribution on the T0 Gateway. This is done by editing the T0 gateway; browse to:

  • ROUTE RE-DISTRIBUTION
  • Set
  • Click on “Add route re-distribution”
  • Provide a name
  • Destination protocol: BGP
  • Set:
  • Save and close

On the T1 Gateway:

  • Edit
  • Route Advertisement
  • Enable “All Segments”

Summary

Following those steps described above, you have connected your workloads to the external networks or to the internet. The steps I have shown you on these posts are a straight and easy way to get you started with NSX-t. From here, you can begin building your knowledge base in NSX-t, and perhaps learn the best practices on how to build the NSX-t environment in your production environment.

Leave a Reply