Shulou(Shulou.com)06/01 Report--

Take the cloud computing environment as an example, suppose that building a private or public cloud platform for vRealize Automation will definitely involve the problem of Multi-Tenants. Different Tenant naturally have different security levels, isolation requirements or unique IP address segment messages. In theory, NSX's Logical Switch would create a broadcast domain or Segment to the assigned Tenant, and then connect it through Logical Wire. However, Logical Switch is not the same as Distributed Port Groups on vDS. Logical Switch will extend to vDS through the combination of vDS's DVPort. NSX Controller is responsible for centralized control of all Logical Switches in the network, and is responsible for maintaining all VMs, ESXi Hosts, Logical Switches and VXLANs messages. A Logical Switch will be mapped to a single VXLAN that encapsulates the VM traffic and transmits it over the physical IP network. Figure 01 is a simple Logical Switch diagram drawn by a cat. In the diagram, a Logical Switch named Web-Tier is created and two VMs sets are added to the Logical Switch. This Logical Switch will allow two VMs without different physical subnets and Cluster to communicate with each other. The IP addresses of the two VMs are defined as 20.20.20.x/24, while the subnet of the ESXi Hosts is 10.10.10.x:

Figure 01

In order to implement the structure shown in figure 01 and achieve the desired effect, you need to follow the following process:

1. First, vSphere Web Client logs in to vCenter, click Networking & Security LogicalSwitches, as shown in figure 02, and click the green plus sign in the red box:

Figure 02

2. after that, the window shown in figure 03 pops up, in which there are several options:

Name-the planned name for this Logical Switch

Description-description of the intended use for this Logical Switch

Transport Zone created by Transport Zone-Part09

Replication Mode-Multicast, Unicast, and Hybrid are available

Enable IP Discovery and Enable MAC Learning-allow IP discovery and MAC address learning

Click the Change of the Transport Zone option, and you will come to the Transport Zone Settings window. Click to select the VXLAN-Global-Transport created in Part09:

Figure 03

After that, click Ok, and then click Ok to complete the creation of the Logical Switch

3. At this time, in the window shown in figure 04, you can see that the Transport Zone named Web-Tier associated with VXLAN-Global-Transport appears in the figure, and you can see that the VNI (VXLAN Network Identifier) to which it is assigned is 5000:

Figure 04

4. As described earlier, LogicalSwitch is not the same as vDS's DistributedPort Group, so when a LogicalSwitch is created, a DistributedPort Group connected to the GlobalTransport Zone is also created on the corresponding vDS. For example, a DVPort like VXW-dvs-xxxxxx shown in figure 05:

Figure 05

5. The next thing to do is to assign the virtual machine to LogicalSwitch, go to the window shown in figure 06, and click the option selected in the red box:

Figure 06

6. Add the two virtual machines WEB01 and WEB02 that need to be added to the LogicalSwitch, as shown in figure 07. After checking the box, click Next:

Figure 07

7. If the virtual machine has multiple virtual network cards, you can choose which card to connect to the Logical Switch of the Web-Tier. If there is only one card, then ignore it. Click Next when selected, as shown in figure 08:

Figure 08

8. After confirming that everything is correct, directly click the Finish button shown in figure 09 to complete the action associated with VMs to Logical Switch:

Figure 09

09. After entering the Inventory, you can see the Summary page tags of WEB01 and WEB02 virtual machines, and you can see the Port Group connection message shown in figure 10:

Figure 10

10. In theory, it is possible to Ping each other between WEB01 and WEB02 at this time, and Ping is the easiest way to detect ICMP communication, which means that the two VMs running in different physical environments can communicate with each other by connecting to the same LogicalSwitch with the help of VXLAN. When WEB01 communicates with WEB02, it passes through the VXLANTransport network. When the VMs communication or the switch queries the MAC address table, the NSXController on the host decides to Push the ARP/MAC/VTEP table to VM. It will be forwarded to the VXLANTransport network, and then the VXLAN packet header and the routing encapsulation of the source and destination will occur. After arriving at the target host, it will unpack and restore the real IP message and data message, and then complete the communication process.

To be continued. Download details of picture and text:

Http://down.51cto.com/data/2114175

Follow Wechat for a comprehensive understanding of NSX technology!

Part01-(Picture and text) NSX concept and pre-installation preparation of NSX Series

Part02-(Picture and text) NSX Test Environment preparation and deployment of NSX Manager for NSX Series

Part03-(Picture and text) NSX Series Registration NSX Manager to vCenter Server

Part04-(Picture and text) deployment NSX Controller for NSX series

Part05-(Picture and text) NSX series check NSX Controller status

Part06-(Picture and text) NSX series equipped with vSphere host and Cluster for NSX environment

Part07-(Picture and text) NSX series check the integrity of VIBs on ESXi hosts

Part08-(Picture and text) NSX series configure VXLAN for ESXi hosts

Part09-(Picture and text) NSX series creates Segment ID and Transport Zones for VXLAN

Part10-(Picture and text) the creation Logical Switch of the NSX series

(end) Part11-(Picture and text) the creation Distributed Logical Router of the NSX series

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.