【NSX对接】CE交换机对接NSX-V指导 NSX-V Integartion Guide

举报
hw_cxp_72857254 发表于 2021/04/01 17:21:37 2021/04/01
【摘要】 【NSX对接】CE交换机对接NSX-V指导 NSX-V Integartion Guide

1      Introduction

How to manage CE device by NSX

First NSX communicate with CE by SSL. NSX send OVSDB information to CE, CE will change OVSDB data, and then CE will send and configure this changed part to device by NETCONF protocol.

2      Installation prepare

2.1      Component

Vmware

Esxi: version 6.0 above

Vcenter: version 6.0 above

NSX: version 6.3.3 above

CE

System softwareCE6855HI-V200R005C00 (above)

Supported hardware:  CE8860EI/ CE8850EI/ CE7850EI/ CE7855EI/ CE6850&51HI/ CE6850U-HI/ CE6860EI/ CE6870EI/ CE6855&56HI/ CE6875EI/ CE6875EI/ CE6865EI/ CE8850-64CQ-EI/ CE6875-HI

2.2      Topo & IP plan

image.png

Name

IP

MGMT

192.91.66.0/24

ESXi Host

192.91.66.66/24

192.91.66.65/24

192.91.66.64/24 (NSX controller)

NSX Manager

192.91.66.69/24

NSX Controller

192.91.66.91/24

192.91.66.92/24

192.91.66.93/24

CE VTEP

1.1.1.1

NSX VTEP

10.10.10.3/10.10.10.4

VM/BareMetal

10.0.0.10(VM1)

20.0.0.10(VM2)

10.0.0.20(VM3)

20.0.0.20(VM4)

10.0.0.30(BareMetal1)

20.0.0.30(BareMetal1)

Use OSPF publish all routing for underlay. Only Leaf2 need vxlan.

3      Installation

3.1     Install Vmware&Vcenter Installation

3.2     Install NSX manager

3.3     Install NSX controller

3.4      CE integration with NSX

3.4.1        CloudEngine Switch connection with NSX

3.4.1.1        Enable OVSDB(Open vSwitch Database) and configure controller on Leaf2_CE6855HI;

Get certificate file before integration;

#

ssl policy nsx

 certificate load pem-cert vtep8-cert.pem key-pair rsa key-file vtep8-privkey.pem auth-code cipher 1234

#

ovsdb server

  ssl ssl-policy nsx

  controller ip 192.91.66.91 port 6640 max_backoff 8000 inactivity_probe 5000

  ovsdb server enable

#

3.4.1.2        Add hardware device in NSX;

image.png

image.png

The connectivity status of switch in NSX is up.

 

3.4.2        Vxlan L2 service provisioning by NSX controller

image.png

3.4.2.1        Establish L3 connection between Spine and Leaves by OSPF as underlay network;


image.png

3.4.2.2        Configure Nve interface with source IP in Leaf2;

#

interface Nve1

 source 1.1.1.1

#

 

3.4.2.3        Create Logical switch with vni 5000 in NSX,then bind VM1,VM3 to it,then bind hardware switch interface(Leaf2) to it;

image.png

image.png

Then bind hardware switch interface(Leaf2_port) to it;

image.png

image.png

Check the Vxlan configuration on Leaf2;

image.png

image.png

image.png

Necessary configuration of Vxlan is distributed by NSX is on Leaf2 and VxLan tunnels between Leaf2 and VTEPs in hypervisor are established;

image.png

image.png

 

3.4.2.4        Configure IP address in the same segment for VM1,VM3 and Bare-Metal1,then “Ping”each other;

BareMetal1 to VM1 and VM3:

image.png

VM1 to VM3:

image.png

VM3 to VM1:

image.png

The Ping result is successful which means the L2 communication is OK.

 

3.4.3        Vxlan L3 service provisioning by NSX controller

image.png

3.4.3.1        Create Logical switch with vni 5000 in NSX,bind VM1,VM3 to it,then bind hardware switch interface(Leaf2_Port1) to it;

image.png

image.png

Then bind hardware switch interface(Leaf2_10GE1/0/47) to it;

image.png


3.4.3.2        Create Logical switch with vni 5001 in NSX,bind VM2,VM4 to it,then bind hardware switch interface(Leaf2_Port2) to it;

image.png

image.png


Then bind hardware switch interface(Leaf2_10GE1/0/48) to it;

image.png

image.png


 

3.4.3.3        Check the Vxlan configuration on Leaf2;

image.png

image.png

image.png

image.png

image.png

Necessary configuration of Vxlan is distributed by NSX is on Leaf2 and VxLan tunnels between Leaf2 and VTEPs in hypervisor are established;

3.4.3.4        Create ESG with NSX,and bind Logical switch 5000 and Logic switch 5001 to it;

image.png

image.png

3.4.3.5        Configure IP address in the same segment for VM1,VM3 and Bare-Metal1,and configure IP address in different segment for VM2,VM4 and Bare-Metal2,then “Ping”each other, expected result 2 is obtained;

BareMetal1 to VM2 , VM4 and BareMetal2:

image.png

BareMetal2 to VM1, VM3 and BareMetal1:

image.png

VM1 to VM2 and VM4;

image.png

The Ping result is successful which means the L3 communication is OK.

ARP table on ESG.

image.png

 





微信扫描下方二维码或直接访问数通开发者社区网站

华为数通开发者社区二维码

https://devzone.huawei.cn/cn/network/portal.html

【版权声明】本文为华为云社区用户原创内容,转载时必须标注文章的来源(华为云社区)、文章链接、文章作者等基本信息, 否则作者和本社区有权追究责任。如果您发现本社区中有涉嫌抄袭的内容,欢迎发送邮件进行举报,并提供相关证据,一经查实,本社区将立刻删除涉嫌侵权内容,举报邮箱: cloudbbs@huaweicloud.com
  • 点赞
  • 收藏
  • 关注作者

评论(0

0/1000
抱歉,系统识别当前为高风险访问,暂不支持该操作

全部回复

上滑加载中

设置昵称

在此一键设置昵称,即可参与社区互动!

*长度不超过10个汉字或20个英文字符,设置后3个月内不可修改。

*长度不超过10个汉字或20个英文字符,设置后3个月内不可修改。