NSX Lab setup (for migration testing)

To test a migration from NSX-V to NSX-T I build a nested environment with a separate vSphere clusters: one for Management, for NSX-V and for NSX-T. All cluster use the same iSCSI storage since this only a Lab environment there is no need for separate storage on the management cluster.

vSphere Setup

The current version of this Lab is vSphere 7 Update 1 on all the hosts. The reason for this is that I used this lab to test and demonstrate the upgrades during various presentations. The vSphere ESXi image I’m using in my nested lab has been downloaded from virtuallyGhetto.

The nested lab is hosted on two physical vSphere ESXi 6.7 servers. For this nested Lab I’m using the licenses that are made available thru the vExpert program. So that’s another benefit and reason to join this VMware program.

The Management cluster hosts: the vCenter server, the NSX-V manager & controllers, the NSX-T manager & Edges for North-South.

The vSphere cluster prepared for NSX-V hosts: the NSX-V Edge Service Gateway (ESG), the Control VM for the Distribute Logical Router (DLR), some test VM’s and the NSX-T bridge. Which I will explain in the next blog.

The vSphere cluster prepared for NSX-T hosts only a few test VM’s.

Both NSX-V and NSX-T each have two overlay segments. These segments are connected using BGP to a virtual VYOS router. The VYOS router is connected to the network and the internet using physical Palo Alto firewall. All combined in a logical overview the Lab setup looks like this.

With this setup I was able to test multiple scenario’s like upgrading NSX-V & NSX-T, migration from the N-VDS to the vDS v7 and migrations from NSX-V to NSX-T using a NSX-T bridge. In the next blog I will refer to this picture.

Networking Setup

Although native MAC learning is now supported in vSphere 6.7. The ESXi hosts of the nested Lab are still connected to a virtual Distributed Switch (vDS) where promiscuous mode is enabled. The reason for this is that the Lab has been running for quite a few years and we just haven’t adjusted the settings. Somewhere during 2021 we plan on rebuilding the Lab environment. At that point we will switch to the MAC learning feature.

NSX-V Setup

The installed NSX-V version in this Lab is 6.4.8, since that is the first version that supports vSphere 7. The vSphere cluster Compute-V has been prepared for NSX-V and uses VLAN 114 for the VXLAN overlay.

As shown in the Lab overview the NSX-V environment is connected using BGP to the outside world. I will not go into much detail on how to configure the NSX-V environment, but hopefully it’s just enough to get the big picture for the next blogs.

As can be seen in the BGP connections there is a BGP connection to the VYOS router and a BGP connection towards the DLR. This can also be seen in the traceroute from outside the Lab environment.

NSX-T Setup

The NSX-T version used in this Lab is currently 3.1. Like the NSX-V environment only the vSphere cluster Compute-T has been prepared for use with NSX-T.

Same as for the NSX-V environment BGP is also used for the connection to the outside world. Only here there is just one BGP connection between the T0-router and the VYOS router. The T0 router is in an active-standby setup.

This can also be seen in the traceroute from outside the Lab environment.

With this blog I would like to provide an overview and reference point for the NSX V2T migration blogs that will follow this blog. Hopefully I have succeeded in that, but if you have any questions please leave a comment or contact me.