NSX-T 3.0 Series: Part4-Create Transport Zones & Uplink Profiles

Let’s get to the interesting part of NSX-T. In this post, we will discuss types of Transport Zones and why it is required to create one.

NSX-T 3.0 Series: Part1-NSX-T Manager Installation
NSX-T 3.0 Series: Part2-Add additional NSX-T Manger & Configure VIP
NSX-T 3.0 Series: Part3-Add a Compute Manager (vCenter Server)
NSX-T 3.0 Series: Part4-Create Transport Zones & Uplink Profiles
NSX-T 3.0 Series: Part5-Configure NSX on Host Transport Nodes
NSX-T 3.0 Series: Part6-Depoy Edge Transport Nodes & Create Edge Clusters
NSX-T 3.0 Series: Part7-Add a Tier-0 gateway and configure BGP routing
NSX-T 3.0 Series: Part8-Add a Tier-1 gateway
NSX-T 3.0 Series: Part9-Create Segments & attach to T1 gateway
NSX-T 3.0 Series: Part10-Testing NSX-T Environment

My lab has fully collapsed vSphere Cluster NSX-T Deployment. I have configured NSX Manager, host transport nodes, and NSX Edge VMs on a single cluster. Each host in the cluster has two physical NICs that are configured for NSX-T. Here is the detailed design from VMware’s official site.

Check out complete documentation here…

https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.0/installation/GUID-3770AA1C-DA79-4E95-960A-96DAC376242F.html

It is very much important to understand Transport Zones and Uplink Profiles to configure NSX-T env.

Transport Zone:

All types of hypervisors (that gets added to nsx-t env) as well as EDGE VM are called as transport nodes and these transport nodes needs to be a part of transport zones to see particular networks. All transport nodes can not see all segments (aka logical switches) in NSX-T env unless they are part of transport zones that segments are connected to. Transport zones is technique to tie infrastructure together. Let’s have a look at the types of TZ.

Overlay TZ: This transport zone is used by host as well as Edge. You can configure N-VDS (NSX Managed VDS) and VDS when a host gets added to Overlay TZ. However, you can only configure N-VDS when a edge VM gets added to Overlay TZ.

VLAN TZ: This TZ primarily focuses on VLAN uplinks used by Edge and Host transport nodes. A VLAN N-VDS gets installed when you add a node to this TZ.

With all that theory, let’s get to the lab and start configuring things.

Log into NSX-T Manager cluster VIP and navigate to System >Transport Zones >Click on + sign.

Give an appropriate name and select ‘Overlay’  

Follow the same process for VLAN TZ.

NSX-T Edge and Host transport node will be added to Horizon-Overlay-TZ, however both of them will in different VLAN-TZ. We have created ‘Horizon-VLAN-TZ’ for the host. Let’s create one for the EDGE.

Switch name is optional. You can also define Named Uplink Teaming Policy here.

Named teaming policy:  A named teaming policy means that for every VLAN-based logical switch or segment, you can define a specific teaming policy mode and uplinks names. This policy type gives you the flexibility to select specific uplinks depending on the traffic steering policy, for example, based on bandwidth requirement.

  • If you define a named teaming policy, N-VDS uses that named teaming policy if it is attached to the VLAN-based transport zone and finally selected for specific VLAN-based logical switch or segment in the host.
  • If you do not define any named teaming policies, N-VDS uses the default teaming policy.

I have left this blank for now.

We will now move to creating uplink profiles for Host & Edge Transport Nodes.

An uplink profile defines how you want your network traffic to go outside of NSX-T env. This helps in consistent configuration of the network adaptors.

Let’s create one for the host transport node. Navigate to System >Profiles >Uplink Profile >Click on +

Name the profile.

Scroll down to ‘Teamings’

In ‘Default Teaming’ policy type, Click on little pencil shape edit icon.

 Select Load Balanced Source. And type ‘uplink-1,uplink-2’ in ‘Active Uplink’ field.

This allows multiple Active uplinks on N-VDS and each uplink can have an IP address from the mentioned VLAN id below. VMware recommends Load Balanced Source teaming policy for traffic load balancing.

MTU can be left blank here. It picks up default value of 1600.

Verify the profile.

Transport VLAN 1634 mean, all hosts attached to this uplink profile will get a Tunnel Endpoint IP from this VLAN. I have configured DHCP for this VLAN on my TOR. Will talk more about it when we create host transport node.

We must create one more uplink profile for Edge Transport Node. Follow the same process except VLAN ID as 2713. So, we have two different VLAN ID’s for Host TEP as well as Edge TEP.

Verify the EDGE Uplink profile.

That’s it for this post. We are done with crating Transport Zones and Uplink Profiles. Thank you for reading. I hope that the blog was helpful. 😊