Routing Protocols on NSX Edge Services Router

VMware gave me early access to NSX hands-on lab a few days prior to VMworld 2013. The lab was meant to demonstrate the basics of NSX, from VXLAN encapsulation to cross-subnet flooding, but I quickly veered off the beaten path and started playing with routing protocols in NSX Edge appliances.

I won’t bore you with the configuration process. Let’s just say that I got mightily annoyed with the mandatory mouse chasing skills, confirmed every single CLI-versus-GUI prejudice I ever got, but nonetheless managed to get OSPF and BGP running on an NSX Edge appliance. Here’s what I configured:

  • OSPF routing process with area 0 on the external interface and route redistribution of connected routes into OSPF;
  • BGP routing process with an IBGP neighbor and route redistribution of connected routes into BGP.

The fun started after I managed to log into the appliance console. You might find this printout familiar ;)

How about this one?

Here’s another one to warm your heart:

As you can see, they still have plenty of work to do (example: the subnet length is missing in the BGP table printout), but the code is still a few months from being shipped, so I’m positive they’ll fix the obvious gotchas in the meantime.

Moving beyond a single appliance

Time to deploy the second appliance to see whether all this fun stuff actually works (I couldn't add a physical router to a remote lab, could I?). Short summary: it does.

You can see an OSPF neighbor...

... and a BGP neighbor.

If you wish you can inspect the OSPF database:

NSX Edge OSPF process inserts some funky stuff into the OSPF database (you might want to check how that impacts other OSPF gear before deploying NSX Edge in production environment) and it seems type-5 LSAs are not displayed (probably a bug).

The BGP table has prefixes from both appliances...

...and the routing and forwarding tables look OK. The whole thing just might work outside of a lab environment.

The Grumpy Perspective

The addition of routing protocols to NSX Edge is a great next step toward implementing more dynamic networking infrastructure. Does that mean that I’d use NSX Edge as a router? You must be kidding – it’s a great edge device, with just enough features to integrate with the core routing functionality of your network.

Not unexpectedly, the configuration process really sucks. It takes forever to implement what one could do with 10 CLI commands ... but then you probably wouldn’t use NSX Manager GUI but API calls or PowerCLI to configure appliances in large-scale deployments.

Finally, does it make sense to run routing protocols on L4-7 appliances? If you ever spent hours debugging a static route pointing in a wrong direction you know the answer.

More information

Overlay Virtual Networking webinar describes virtual appliance concepts and offerings from numerous vendors including (in alphabetical order) Cisco, IBM, Microsoft, Midokura and VMware.

To learn more about NSX architecture, register for the free VMware NSX Architecture webinar sponsored by VMware.

2 comments:

  1. I hope Honda sues them for using the name of one of the most awesome sports cars ever!

    ReplyDelete
  2. I am not sure of how to take the review to be honest. I do not think VMWare intend NSX to be at the core of anyone's DC taking the role of hardware routers, firewalls and switches, however the value proposition is compelling for speed of IT infrastructure provisioning and simplifying physical netwok designs. Where the needs are basic network segmentation and application delivery this presents a compelling usecase . No boubt after its release it may require improvement but which product does not.. even Cisco's IOS after 20 years still gets bug updates and no doubt as time progresses it will become more robust not only in terms of doing the basic things right but also more features. Bash

    ReplyDelete

You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.

Ivan Pepelnjak, CCIE#1354, is the chief technology advisor for NIL Data Communications. He has been designing and implementing large-scale data communications networks as well as teaching and writing books about advanced technologies since 1990. See his full profile, contact him or follow @ioshints on Twitter.