Addressing Common NSX Underlying Infrastructure Connectivity Issues
book
Article ID: 317210
calendar_today
Updated On:
Products
VMware NSX
Issue/Introduction
Inconsistent configurations in the underlying network infrastructure can cause connectivity issues. The goal of this document is to provide a checklist to easily identify and fix these configuration issues.
Ideally, asymmetric routing/forwarding is not recommended and therefore RPF is set to Strict mode on Tier0 uplinks.
For symmetric routing configuration, please ensure that the configuration between Tier 0 and northbound routers is such that the same set of prefixes are advertised from each edge node within a Tier0 Gateway on a given site. Also, the same set of prefixes must be learned from TORs on all Edge nodes of a Tier0 Gateway on a given site.
Asymmetric routing can happen when different BGP filters are applied on different nodes towards northbound neighbors in either direction leading to different routes getting advertised from different Edge nodes or if Edge nodes of a Tier0 Gateway have different BGP neighbors and learn/advertise different prefixes. Please check the BGP route maps to ensure that this is not the case.
For Federation environments with Primary/Secondary site design, advertise longer AS paths for BGP advertisements on secondary site BGP neighbors to resolve asymmetric forwarding.
After evaluating the above mentioned, if you still need asymmetric forwarding in your environment, please change the Tier0 uplink RPF setting to None.
TEP VLAN mismatch
Ensure that the VLAN configured on TOR matches the VLAN configured on the NSX side for overlay traffic.
Ensure VLAN/MTU config on TORs where the Edge may be vMotioned is consistent. Define the DRS vm/host rules such that the underlying hosts are on the same L2 domain and that the BGP/OSPF neighbors or static route next hops defined on Tier0 are reachable from all the hosts where the Edge may be vmotioned.