0

Practical NSX: ECMP

If you are looking for a way to increase the bandwidth for your north-south traffic and for faster recovery in the event of an Edge failure, ECMP is the feature that will help you achieve that. In this post, we will go through how to setup ECMP between the Perimeter Gateways and a Distributed Logical Router and test a couple of failure scenarios.

Below is the topology we are working towards, for those of you who want to follow along. Use HOL-1903-01-NET.

What we are starting with

We have an Edge and a DLR already deployed.

Edge (Perimeter-Gateway-01) interfaces.

DLR (Distributed-Router-01) interfaces.

DLR (Distributed-Router-01) OSPF Configuration

ECMP setup

1- Let’s start by adding another Edge.

Added the uplink interface

Added the transit interface

I don’t need to configure the default GW as I will be configuring OSPF, and I have configured the default firewall policy to accept. Final config below. Click finish

2- Configure routing on Perimeter-Gateway-01

Manage > Routing > Dynamic Routing Configuration > Edit

Publish the changes.

OSPF

Manage > Routing > OSPF

Manage > Routing > Area Definition > Add

Manage > Routing > Area To Interface Mapping > Add

BGP

Manage > Routing > BGP > BGP Configuration > Edit

Manage > Routing > BGP > Neighbour > Add

Enable Route Distribution for OSPF and BGP

Manage > Routing > Route Distribution > Route Distribution Status > Edit

Manage > Routing > Route Distribution > Route Distribution Table > Edit

Publish your changes.

3- Apply a similar config to Perimeter-Gateway-02

Enable ECMP on the DLR and on the Edges

DLR > Manage > Routing > Global Configuration > ECMP > Start > Publish Changes

Perimeter-Gateway-01 > Routing > Global Configuration > ECMP > Start > Publish Changes

Perimeter-Gateway-02 > Routing > Global Configuration > ECMP > Start > Publish Changes

Check that ECMP is functioning

SSH to your DLR and run the below commands.

show ip ospf neighbors

Both Edges are showing as neighbors

Show ip route

Both Edges are showing as valid routes

Simulating a failure

Let’s simulate a failure by shutting down one Perimeter-Gateway-01

SSH to your DLR and check the routes table

Notice that only Perimeter-Gateway-02 is available. Let’s restart Perimeter-Gateway-01 and recheck the table.

Both Edges are showing in our routing table!

I hope this post was helpful. Thank you for reading.

How useful was this post?

Click on a star to rate it!

Average rating / 5. Vote count:

Sharing is caring!

Related Post

Leave a Reply

Your email address will not be published. Required fields are marked *