Your explanation is very extraordinary. After so many years today I was happy to get a clear idea about the traffic flow. Thank you for such wonderful content out here. Your efforts are very much appreciated 😊👍🏼🙏🏼
While watching this video everything in my head comes into place. The moment I close the video I lose it. That’s how complex NSX routing is made. And I should say that I watched your videos multiple times and I work with NSX on a daily basis.
Thanks for watching. It does taker some time.. I remember when I first was learning NSX, took a little while for me to wrap thing in my mind. Have a good one.
Your ability to simplify complex concepts is impressive. Your explanations are clear, concise, and easy to follow, making even intricate subjects seem approachable. You have a gift!
This is an Excellent Explanation of Single and Multi-Tier Routing in NSX-T. Thank You for taking time out to Share this knowledge with the Community. Much Appreciated!!
wow this really helped me wrap my head around the routing portion of it, now it doesnt seem so complicated. thanks for your helpful videos, they've been monumental in my NSX journey.
Thanks for the amazing series on NSX.. keep up the good work.. for those who are unable to attend vmwares expensive classrooms these are amazing sources of videos to learn from.
Hi Thanks for Watching. Is it possible? I am sure it is. The question is. Is it supported? I am, not sure. I went to the product compatibility page and looks like it is down and will be up and down for the next 2 days. check this link in a few days.. interopmatrix.vmware.com/Interoperability
Very informative! Keep going. 🎉 I hope we can see something on designing multi-site (dual-site) implementation, especially how to well configure edges for A/A or A/P sites when we have an edge cluster for each site and a stretched NSX
Great suggestion! Iam working on a Federation presentation, should be done soon. A demo may be a bit of a challenge, but I can see what I can do.. Have a good day and pass the word.
@@TechUnGlued thank you. I am suggesting this because in cloud director, tenant create only T1 edge. They need to establish vpn,nat and another services. I am wonder how this looks and works with combination t0(which we use for external connectivity). Also if t0 and t1 is for multitenancy why we cant configure outside access on t1, why we need to configure it on t0? Thank you
Thanks for watching.. As I mentioned I will add it to the list. I am working on a few projects now, and will see if I can do this video sooner. The main thing here is not to compare it to NSX-V (totally different),, VPN service is supported on the T1 gateway. You must make sure you associate the T1 now with an Edge cluster, because the T1 VPN/NAT services will require an SR component.. When you create the VPN service and associate it with the T1, you must make sure that the T1 "Route Advertisement" includes you IPsec end points and NAT ip' so that the T0 is aware of it. The T0 must then have "Route Redistrbution" enabled for these T1 services so the ouside world is away of it... Just like we did with the routing.. T0 is the G/W that is connected to the physical environment (the SR component on the Edge(s)) and your T1 must go through the T0 to get to the outside world.. Hope this helps..
@@TechUnGlued hello, thank you for your answer. Ofcourse when i creating t1 gw i associate with t0 and have edge cluster.on my phsycal infra i have one vlan/subnet of public ip /24 which i am giving to customer.behind customer t1 gateway is customer private networks. But t1 is connected to t0 via link which is automaticly created. Where i define this public ip from public pool to can use for example tenannt a t1 router. When i establish vpn from customer to datacenter t1 router i must choose t1 customer public ip. But on t1 there is no external interface like on t0? Thank you for answers
First. If you are going to do SNAT/DNAT on the T1 you need to associate a cluster with it. Preferrably a different edge cluster that the T0 has. Then create the NAT rule (SNAT/DNAT) on the T1.. In order for the outside IP (used in the NAT rules) to be advertised to the outside world, you need to set "Route Advertise" on the T1 Advertise "All NAT IP's". This will inform the T0 g/W about the ip you are NATting. Then you must configure the route Redistribution on the T0 to redistribute the Advertised T1 "NAT IP".. I hope this helps. I will do a video on it, after I finish some projects.. Thanks
Hey Steve. Great content. Please keep it up. A question if I may. I have NSX 4x. All segments are connected to respective Tier1 and all Tier1 connected to a common Tier0. When I look in Network Topology, in between the T0 and T1, I can see the two router link addresses (eg. 100.64.0.46/31 and 100.64.0.47/31). However, on some gateways I only see one intra tier address, either for the T0 port or the T1 port. All segments are using NAT. Is this a UI thing or do I have a configuration? Thanks, I really enjoy your channel.
May be a UI issue. in my environment I do see the two IP's.. Try a different browser to rule that out.. You can always go the the cli and manually check the IP.s Thanks for watching and have a great day
You are correct. You can try it out. Just create a segment and connect 2 VM's to it. Don't hook the segment to aT1 or T0 G/W and the 2 VM's will be able to talk to each other. I think I demo'd that in my switching video.. Thanks for watching and have a good one.
Your explanation is very extraordinary. After so many years today I was happy to get a clear idea about the traffic flow. Thank you for such wonderful content out here. Your efforts are very much appreciated 😊👍🏼🙏🏼
Thanks so much for the kind comment. You have a great day.
While watching this video everything in my head comes into place. The moment I close the video I lose it. That’s how complex NSX routing is made. And I should say that I watched your videos multiple times and I work with NSX on a daily basis.
Thanks for watching. It does taker some time.. I remember when I first was learning NSX, took a little while for me to wrap thing in my mind. Have a good one.
best explanation i have seen of how t1 and t0 work and how the dr and sr work together in the different design scenarios
Thank you.
Have a great day
Your ability to simplify complex concepts is impressive. Your explanations are clear, concise, and easy to follow, making even intricate subjects seem approachable. You have a gift!
Wow, thanks! Appreciate the kind comment. Have a great day.
This is an Excellent Explanation of Single and Multi-Tier Routing in NSX-T. Thank You for taking time out to Share this knowledge with the Community. Much Appreciated!!
Glad it was helpful! Thanks for watching and you have a great day
wow this really helped me wrap my head around the routing portion of it, now it doesnt seem so complicated. thanks for your helpful videos, they've been monumental in my NSX journey.
Glad it helped and thanks for watching.. Have a great day
Thanks for the amazing series on NSX.. keep up the good work.. for those who are unable to attend vmwares expensive classrooms these are amazing sources of videos to learn from.
Thanks very much. Have a great day
This is too good and in depth nsx routing . Thanks for sharing knowledge. 🙏
My pleasure. Keep watching more to come.. Have a great day
Very insightful ...
Thanks for your Comment. You have a great day..
Love your videos on NSX and virtualization, theory and demo well organised. I feel like an expert already :). Thanks for sharing knowledge.
Glad you like them! You have a great day,
Great video, very informative
Glad it was helpful!. Keep watching and have a great day..
You’re an absolute legend!
Thank you. You have a great day
@@TechUnGlued Is it possible to deploy vCloud director in VCF ?
Hi Thanks for Watching. Is it possible? I am sure it is. The question is. Is it supported? I am, not sure. I went to the product compatibility page and looks like it is down and will be up and down for the next 2 days. check this link in a few days..
interopmatrix.vmware.com/Interoperability
@@TechUnGlued thanks
You are doing an awesome job man, it's so clear.
Thank you!
You're very welcome! Thanks for watching. Have a good one.
Awesome explanation !!! Tahnk you and much appreciated.
Glad it was helpful! Have a good one
Very Useful...
Glad to hear that. You have a great day
Nice Explaination and walk through
Thanks for watching,
Have a great day,,
Awesome..
Thank you! Cheers!
Very informative! Keep going. 🎉
I hope we can see something on designing multi-site (dual-site) implementation, especially how to well configure edges for A/A or A/P sites when we have an edge cluster for each site and a stretched NSX
Great suggestion! Iam working on a Federation presentation, should be done soon. A demo may be a bit of a challenge, but I can see what I can do.. Have a good day and pass the word.
Thank you so much. Appreciated for great explanation 👍
Glad it was helpful! Have a good one
Hello Stephen, can you also please add a video about DNS and DHCP service in NSX-T. It will be very useful. Thank you in advance.
Got it on a my list. Have a great day
Best video regarding routing concepts on NSX. Can we see two tier routing (services on T1 and on T0) ? Thank you
I will add it to the list. Thanks for watching and have a great day
@@TechUnGlued thank you. I am suggesting this because in cloud director, tenant create only T1 edge. They need to establish vpn,nat and another services. I am wonder how this looks and works with combination t0(which we use for external connectivity). Also if t0 and t1 is for multitenancy why we cant configure outside access on t1, why we need to configure it on t0? Thank you
Thanks for watching.. As I mentioned I will add it to the list. I am working on a few projects now, and will see if I can do this video sooner. The main thing here is not to compare it to NSX-V (totally different),, VPN service is supported on the T1 gateway. You must make sure you associate the T1 now with an Edge cluster, because the T1 VPN/NAT services will require an SR component.. When you create the VPN service and associate it with the T1, you must make sure that the T1 "Route Advertisement" includes you IPsec end points and NAT ip' so that the T0 is aware of it. The T0 must then have "Route Redistrbution" enabled for these T1 services so the ouside world is away of it... Just like we did with the routing.. T0 is the G/W that is connected to the physical environment (the SR component on the Edge(s)) and your T1 must go through the T0 to get to the outside world.. Hope this helps..
@@TechUnGlued hello, thank you for your answer. Ofcourse when i creating t1 gw i associate with t0 and have edge cluster.on my phsycal infra i have one vlan/subnet of public ip /24 which i am giving to customer.behind customer t1 gateway is customer private networks. But t1 is connected to t0 via link which is automaticly created. Where i define this public ip from public pool to can use for example tenannt a t1 router. When i establish vpn from customer to datacenter t1 router i must choose t1 customer public ip. But on t1 there is no external interface like on t0? Thank you for answers
First. If you are going to do SNAT/DNAT on the T1 you need to associate a cluster with it. Preferrably a different edge cluster that the T0 has. Then create the NAT rule (SNAT/DNAT) on the T1.. In order for the outside IP (used in the NAT rules) to be advertised to the outside world, you need to set "Route Advertise" on the T1 Advertise "All NAT IP's". This will inform the T0 g/W about the ip you are NATting. Then you must configure the route Redistribution on the T0 to redistribute the Advertised T1 "NAT IP".. I hope this helps. I will do a video on it, after I finish some projects.. Thanks
Hey Steve. Great content. Please keep it up. A question if I may. I have NSX 4x. All segments are connected to respective Tier1 and all Tier1 connected to a common Tier0. When I look in Network Topology, in between the T0 and T1, I can see the two router link addresses (eg. 100.64.0.46/31 and 100.64.0.47/31). However, on some gateways I only see one intra tier address, either for the T0 port or the T1 port. All segments are using NAT. Is this a UI thing or do I have a configuration? Thanks, I really enjoy your channel.
May be a UI issue. in my environment I do see the two IP's.. Try a different browser to rule that out.. You can always go the the cli and manually check the IP.s Thanks for watching and have a great day
When VM1 and VM2 are on same host and same segment what would be the packet path? It does not go to DR or VTEP right?
You are correct. You can try it out. Just create a segment and connect 2 VM's to it. Don't hook the segment to aT1 or T0 G/W and the 2 VM's will be able to talk to each other. I think I demo'd that in my switching video.. Thanks for watching and have a good one.
Hi, any chance you can share the slides for reference?
I am sorry. I have a few plans in the future so they are Intellectual Property of my company. Have a great day
It’s ok. Thank you for taking the time to reply to my query.
Thank you so much.
You're welcome! Thanks for watching
Thanks
No problem. Have a great day
thanks
You're welcome! Thanks for watching. Have a good one.