This has never been a straightforward topic, and I have difficulty explaining it in a reasonable amount of time. So now I’m going to start sending people here. Really great job.
Great video for understanding SR/DR - it's so easy to think when you create a service interface on a DR that the interface lives there, but really a SR is instantiated on the edge cluster and that's where the interface lives I have a use case to try and push a VPN over a service interface on a dedicated T1 - is this possible? We always think of stateful services such as BGP, NAT etc taking place there but I want (for some special reasons) to run VPN in this way. in my case I want to use this service interface to connect to a VLAN backed segment rather than have the VPN route out up through NSX layers
So sorry I missed this comment/question! I'll be honest, I'm not sure if this would work or not! It's something I would put in the category of "need to lab it up to answer that" :) Did you ever find out?
@@NRDYTech no problem! Appreciate the reply regardless. Yes this is working albeit on a T0. I haven’t been involved totally in the nitty gritty for the VPN but I believe it’s all now operating as expected. Have to say, I’ve leaned on your videos lots to design and implement NSX-T in our environment. They’ve been invaluable, so thanks!!!
DR is not necessary on your host where the edge VM sits..that host doesn't even have to be prepped for NSX. The DR would be on the edge VM though - inside of it.
In the previous video, Mike mentioned we can't connect one T0 to another T0. A T0 always connects (uplinks) to the physical network but not to another T0. Hope that helps. Guys correct me if I'm wrong
This has never been a straightforward topic, and I have difficulty explaining it in a reasonable amount of time. So now I’m going to start sending people here. Really great job.
Thank you Matt! Really appreciate it, that's a big compliment!
Thank you for creating this video! I like how you broke this down from an architectural standpoint. Looking forward to more videos!!
All videos are amazing. The delivery and content are excellent! Thank you!
Late, but thank you riad!
Thanks!
Worthy Channel to subscribe.
Great stuff, thanks for the informative video, side question, what tools do you use for the whiteboard demo? :-)
Hi Mike,
You didn’t cover the scenario where if we have T0 running Active Active then we need to enable NAT on T1 then how traffic will flow
Great video for understanding SR/DR - it's so easy to think when you create a service interface on a DR that the interface lives there, but really a SR is instantiated on the edge cluster and that's where the interface lives
I have a use case to try and push a VPN over a service interface on a dedicated T1 - is this possible? We always think of stateful services such as BGP, NAT etc taking place there but I want (for some special reasons) to run VPN in this way. in my case I want to use this service interface to connect to a VLAN backed segment rather than have the VPN route out up through NSX layers
So sorry I missed this comment/question! I'll be honest, I'm not sure if this would work or not! It's something I would put in the category of "need to lab it up to answer that" :) Did you ever find out?
@@NRDYTech no problem! Appreciate the reply regardless.
Yes this is working albeit on a T0. I haven’t been involved totally in the nitty gritty for the VPN but I believe it’s all now operating as expected.
Have to say, I’ve leaned on your videos lots to design and implement NSX-T in our environment. They’ve been invaluable, so thanks!!!
Wouldn't there be a DR on both hosts? The return traffic would use the DR on the host with the edge VM? I might be confusing it.
DR is not necessary on your host where the edge VM sits..that host doesn't even have to be prepped for NSX. The DR would be on the edge VM though - inside of it.
@@NRDYTech you mean SR would be on edge VM right?
Hey Mike, Is it possible to setup BGP between two T0 routers?
In the previous video, Mike mentioned we can't connect one T0 to another T0. A T0 always connects (uplinks) to the physical network but not to another T0. Hope that helps. Guys correct me if I'm wrong