This article provides information about the troubleshooting steps to be taken for issues with the Cisco Nexus 9300 series OVSDB HW-VTEP integration with VMware NSX-v.

Disclaimer: The partner product referenced in this article is a software module that is developed and supported by a partner. Use of this product is also governed by the end user license agreement of the partner. You must obtain from the partner the application, support, and licensing for using this product. For more information, see:

• Configuring NXDB for Cisco Nexus 9000 Series Switches and Communicating with NSXv Controllers (for Layer 2 VXLANs)
• OVSDB Plugin Release Notes, Release 2.3.1

VMware NSX for vSphere 6.3.x
VMware NSX for vSphere 6.4.x

Cisco Nexus 9000 OVSDB Integration with VMware NSX-v

In some NSX deployments, NSX logical switches must be extended into the physical environment. The goal of this extension is to connect virtualized workloads using NSX as their networking layer with physical workloads that are not virtualized and that need to be on the same network subnet. This integration requires the bridging of VXLAN network identifiers (VNIs) with virtual LANs (VLANs). The OVSDB integration allows the Cisco Nexus 9300 Series Switch to be an HW-VTEP, which performs the translation from VXLAN encapsulation to VLAN encapsulation, and back, in hardware to connect workloads in the virtual and physical environments.

Supported software
NSX for vSphere 6.3.6, 6.4.2, 6.4.3

Refer to the VMware Compatibility Guide for supported switch software versions.

Software download link
The required software for the integration can be downloaded from CCO at https://www.cisco.com/.

Support information
If there is an issue with the OVSDB HW-VTEP integration please check the following:

• The Cisco Nexus 9300 switches should be running the correct version of NX-OS. 
• The Cisco Nexus 9300 Series Switches should have the Cisco Nexus Database (NXDB) license (N93-TP1K9) installed and the feature enabled.
• The Cisco Nexus 9300 switches should have the correct version of the plug-in and Java Runtime Environment (JRE) downloaded to their bootflash memory.
• If using first generation Cisco Nexus 9300 switches they must have been configured with the explicit TCAM carving that is needed to enable the redirect-tunnel region. This feature is used for BFD over VXLAN. 
• If high availability is needed, vPCs must be configured correctly on the Cisco Nexus 9300 switches.
• If high availability with vPC is being used, an anycast loopback address must be configured on the vPC pair.
• A separate username and password must be configured on the Cisco Nexus 9300 switches to be used by the NXDB process to push API configuration changes, if this capability is desired.
• The correct supported version of NSX must be installed. The NSX configuration for controllers, NSX VIBs, and VXLAN VTEPs must be completed.
• The routing for the environment must be set up. The NSX hypervisors (using the NSX VTEP interface), NSX manager, and NSX controllers all should be able to ping the switch’s loopback address (the one that is going to be used for HW-VTEP configuration). This address can be the anycast loopback address used if vPC configuration is desired.
• VLANs must be reserved for use for VXLAN-to-VLAN association. Each NSX logical switch extension will use one VLAN. Also, a VLAN will be used for BFD over VXLAN.

The configuration guide for Configuring Cisco Nexus 9300 Series Switches for VMware NSX OVSDB Integration can be found at Configuring NXDB for Cisco Nexus 9000 Series Switches and Communicating with NSXv Controllers (for Layer 2 VXLANs).

The following debug commands should be collected in order to provide troubleshooting assistance:

show tech-support controller
show tech-support dme
show tech-support nve
show tech-support vxlan
show tech-support bfd
show accounting logs
show running-config
guestshell sudo ovsdb-plugin tech-support

More information on how to collect tech-support can be found at Configuring NXDB for Cisco Nexus 9000 Series Switches and Communicating with NSXv Controllers (for Layer 2 VXLANs).
If after the above checks have been performed and there is still an issue with the integration, please open a support ticket with Cisco TAC at Support & Downloads.