I have been tweeting about NSX Tips for over a year, and one of my friends who is actively preparing for his VCP-NV 2019 recommended that I post the tips as a blog for quick reference. Hence I thought to sort them together as a Twitter moment as well as an article to help the vCommunity with the certification studies.
Here are the 30 NSX Tips which I have tweeted (and still going). I will update the content as soon as I tweet a tip next time. Thanks to the #vCommunity for the RT to reach a good audience.
Twitter moment -> https://twitter.com/i/moments/1175014070380089345
NSX-T Tip 20: BUM Replication is handled in software and is decoupled from underlying hardware. The choice of replication mode depends on the number of host TEP subnets with Hierarchical Two-Tier as the default. For single subnet TEPs, replication mode doesn’t matter. #RunNSX #vExpert pic.twitter.com/GWrf2WG287
- Harikrishnan T 🇮🇳 🇺🇸 (@hari5611) September 19, 2019
NSX-T Tip 18: NSX-T has DNS Forwarder Service at the T1 or T0 level for the Overlay workloads. This is a caching only DNS (relay mode) pointed to the customer’s existing DNS server with default TTL 300s. The service works in Active/Standby mode on the Edge Cluster. #vExpert #RunNSX pic.twitter.com/U0rA2bXWHi
- Harikrishnan T 🇮🇳 🇺🇸 (@hari5611) September 16, 2019
NSX-T Tip 13: Enabling T0 ECMP sets the BGP maximum-paths parameter of each SR node to 8. Edge VMs are usually deployed with 2 uplinks, achieving 2 ECMP paths/node. Baremetal edges can achieve 8 ECMP paths with a single node. This is the running-config of an SR node. #vExpert #RunNSX pic.twitter.com/RuvqxjNN9I
- Harikrishnan T 🇮🇳 🇺🇸 (@hari5611) August 6, 2019
NSX-T Tip: This is how we use the NSX-T loadbalancer to perform an HTTP to HTTPS redirection of a web application hosted in the overlay. We also have an option to set a “Sorry Server” in case the Server pool goes down or during a maintenance window. @vmwarensx #vExpert @vExpert pic.twitter.com/kdMQIGWp9h
- Harikrishnan T 🇮🇳 🇺🇸 (@hari5611) July 25, 2019
NSX-T Tip: When you enable Inter-SR routing for the T0 Active-Active Gateway, each route that is advertised between the iBGP T0 SR components is set with a BGP Community tag of NO_EXPORT, hence they are not advertised to external ToR. @vExpert @vmwarensx #RunNSX #VExpert pic.twitter.com/YZ52ZkgyXa
- Harikrishnan T 🇮🇳 🇺🇸 (@hari5611) July 11, 2019
NSX-T #Tip: The Centralized port type (CSP) in a T1/T0 logical router is used to connect to the VLAN Logical segments. E.g., when you use partner services integration that requires traffic to be redirected to their appliance for introspection, this port type is used. #RunNSX #ProTip pic.twitter.com/6P0QuRYZlP
- Harikrishnan T 🇮🇳 🇺🇸 (@hari5611) June 2, 2019
NSX-T Tip: The Reflexive NAT on the Tier-0 logical router is Stateless. This is a 1:1 mapping between a Source IP on the Logical segment to a Translated IP on the VLAN segment. This is needed in Tier-0 Active-Active deployments and when multiple T0 uplinks exist. @vmwarensx #RunNSX pic.twitter.com/PgFusWqXIQ
- Harikrishnan T 🇮🇳 🇺🇸 (@hari5611) May 26, 2019
NSX Tip: The CDO mode gives an extra layer of resiliency to the @vmwarensx control plane. This mode populates a Global VTEP list on a separate logical switch which helps many of the control plane operations to work before you rebuild the controller cluster. #vExpert @vExpert #RunNSX pic.twitter.com/aXGrTEtcR5
- Harikrishnan T 🇮🇳 🇺🇸 (@hari5611) April 1, 2019
While peering @vmwarensx ESGs with the physical BGP speakers, have a look at the timer values too. If you modify the Hold timer values to outside the minimum expected range for the peers, the TCP connection fails. This is what you see on a Cisco IOS #CiscoChampion pic.twitter.com/zTMt5pcBG6
- Harikrishnan T 🇮🇳 🇺🇸 (@hari5611) January 4, 2019
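The hold-time check described in the tweet above, as an added example that is not part of the original post: it parses the Hold Time field of a BGP OPEN and applies the RFC 4271 rules plus a configured minimum on the receiving speaker. The `min_hold` parameter, the function names, the AS number and the router ID are assumptions for illustration, and the OPEN bytes are constructed.

```python
import struct

MARKER = b"\xff" * 16                      # BGP header marker, all ones
OPEN = 1                                   # message type
OPEN_MSG_ERROR, UNACCEPTABLE_HOLD_TIME = 2, 6   # NOTIFICATION code / subcode

def build_open(my_as, hold_time, bgp_id):
    """Constructed sample input: a BGP-4 OPEN with no optional parameters."""
    body = struct.pack("!BHH4sB", 4, my_as, hold_time, bytes(bgp_id), 0)
    return MARKER + struct.pack("!HB", 19 + len(body), OPEN) + body

def parse_open(msg):
    """Return (version, my_as, hold_time) from a raw OPEN message."""
    if len(msg) < 29 or msg[:16] != MARKER:
        raise ValueError("not a BGP message")
    length, msg_type = struct.unpack("!HB", msg[16:19])
    if msg_type != OPEN or length != len(msg):
        raise ValueError("not a well-formed OPEN")
    return struct.unpack("!BHH", msg[19:24])

def negotiate_hold(local_hold, msg, min_hold=0):
    """Decide how the receiver reacts to the peer's proposed hold time.

    Returns ("established", hold, keepalive) or
            ("notification", error_code, error_subcode).
    min_hold models a locally configured minimum (hypothetical parameter).
    """
    _, _, peer_hold = parse_open(msg)
    # RFC 4271: a hold time of 1 or 2 seconds must be rejected.
    if peer_hold in (1, 2):
        return ("notification", OPEN_MSG_ERROR, UNACCEPTABLE_HOLD_TIME)
    # Local policy: refuse a proposal below the configured minimum.
    if min_hold and peer_hold < min_hold:
        return ("notification", OPEN_MSG_ERROR, UNACCEPTABLE_HOLD_TIME)
    # Otherwise both sides use the smaller value; keepalive is one third.
    hold = min(local_hold, peer_hold)
    return ("established", hold, hold // 3)

if __name__ == "__main__":
    for proposed in (180, 9, 2):
        msg = build_open(65001, proposed, (10, 0, 0, 1))
        print(proposed, negotiate_hold(90, msg, min_hold=15))
```

When the result is a notification, the session never reaches Established, so comparing the configured timers on both peers is the first check when an ESG adjacency will not come up after a timer change.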
You can reduce the size of ESG-DLR OSPF routing table when you configure the @vmwarensx area as NSSA. This will replace all external routes with a default route to the ABR. In case you want to redistribute routes on the DLR, this will be translated to a Type-5 LSA by the NSSA ABR pic.twitter.com/bIoe7uWdEw
- Harikrishnan T 🇮🇳 🇺🇸 (@hari5611) November 11, 2018
Achieving Multi-Datacenter Pooling with VMware NSX. Universal Logical Switches & Universal DLRs can span across datacenters. Workload mobility is simplified. VMs can retain the IP schema even on the new site. This is where you create Universal Transport zone. #vmwarensx #sddc pic.twitter.com/IPo3M0Gnhv
- Harikrishnan T 🇮🇳 🇺🇸 (@hari5611) October 27, 2018
VMware NSX Controllers are stateless, so it's very easy to spin up additional instances. If the Controller cluster has irrecoverable errors and needs to be rebuilt, simply spin up a new Controller cluster and import the controller state information. @vmwarensx #virtualization pic.twitter.com/OElMhPFrPJ
- Harikrishnan T 🇮🇳 🇺🇸 (@hari5611) October 22, 2018
Enabling OSPF on the @vmwarensx Edge Services Gateway & DLR for routing updates with the Core physical layer. With Route Redistribution enabled at the DLR for the logical networks, the software defined Tenant can now communicate with the external networks. #networking #VMware pic.twitter.com/BtDwfIDky3
- Harikrishnan T 🇮🇳 🇺🇸 (@hari5611) October 18, 2018
This is where we enable Transparency for the @vmwarensx logical Loadbalancer’s Virtual Service. If the Real Servers in the Pool are Web Tiers, then they now can see the original Client IP in the Weblogs. Else it would be the Logical Loadbalancer’s VS IP. pic.twitter.com/Ti9qW8VIpi
- Harikrishnan T 🇮🇳 🇺🇸 (@hari5611) October 12, 2018
I hope the Tips were informative. If you find this useful, please share via social media. Thanks for reading.