I have been running NSX(-T) in my home lab since late 2020 and have kept it updated to the latest available version. Unfortunately, at the beginning of November 2022, with the release of vSphere 8 with vSAN 8, I got the glorious idea to try out vSAN ESA in my lab. It came as it had to come… Spoiler: You should only do ESA on an "All NVMe" environment, preferably when all devices are on the HCL as well.
After about 2 months I, unfortunately, had a BSOD on one ESXi host exactly at the time when another ESXi host came back from maintenance mode. Since I had 2 out of 3 hosts out of the vSAN at that time, the vSAN of course stopped working and several VMs went to the eternal hunting grounds. Unfortunately, so did my 3 NSX Managers.

vSAN caused BSOD

Since I had a backup of the NSX Managers, I thought – no problem, now I have a reason to restore the NSX Managers from the file-based backup I had set up in the NSX Managers.
So far so good, so I rolled out the new NSX Manager appliance and reconfigured access to my backup share, and pressed the restore button in anticipation. Then Booom -> Internal Server Error during the restore 🙁

NSX restore failure

Since I can’t open any support tickets from my lab environment and there is hardly any information documented on the internet about errors during the restore of NSX Managers, it will, unfortunately, remain a mystery for me for the foreseeable future why I can’t restore my backup.
Therefore, I had only one option: rebuild my NSX environment, which I have documented here and want to walk you through.

1. Roll out the NSX appliance according to your appropriate needs (DNS name, IP address, etc.).

Be aware of the password, which must be "very" complex.
DNS & IP configuration is straightforward.

2. Add two more NSX Managers to the installed NSX Manager

3. Create virtual IP for NSX Manager cluster

4. Create IP address pool for TEP interfaces

5. Create Uplink Profiles for ESXi Hosts & Edges

Profiles overview

Uplink Profile for the ESXi Hosts

As you can see, I will use VLAN 40 for communication with my physical network infrastructure. MTU can be left blank as I will use VDS for Uplink.

Uplink Profile for Edges

Be aware that no Standby Uplink is set, as it is not supported for Edges. The VLAN must be the same for proper communication between the TEP interfaces of ESXi Hosts & Edges.

6. Create Transport Zones for Overlay & VLANs

Transport Zones overview – how it should look after configuration
Transport Zone for VLANs
Transport Zone for Overlay Networks

7. Install NSX on ESXi Hosts

NSX – ESXi Installation Overview – how it should look after configuration
The configuration will be the same on each ESXi Host, so I will show it only once with one host.
Configuration is straightforward: you apply the Transport Zone, Uplink Profile & IP Assignment we configured before.

8. Creating Uplink Segments

Trunk Segment

Be aware of the Transport Zone, as it is "TZ_VLAN", and the VLAN is Trunk "0-4094". The segment isn't linked to any gateway.

Uplink Segment VLAN41 in my case for later T1 Communication

Be aware of the Transport Zone, as it is "TZ_VLAN", and the VLAN is "41". The segment isn't linked to any gateway.

9. Installing Edges

Edges overview – how it should look after configuration

10. Creating Edge-Cluster

Edge Cluster overview – how it should look after configuration

11. Creating Tier-0 Gateway

As you can see, I'm using an Active/Active configuration with the Edge Cluster we created before. In the next step, we will create the interface for L2 connectivity.
Here we go, I'm using VLAN41 and the previously created "Uplink-sg-VLAN41" for communication. Lab-Edge-01 is selected.
For routing to my physical network, I must use a "static route" as my network isn't supporting BGP or OSPF. But no problem in a lab environment in my opinion.
My static route configuration
The next hop is the gateway of my VLAN 41.

12. Creating T1 Gateway

The T1 GW is linked to the T0 GW, the previously created Edge Cluster is chosen, and Route Advertisement for all Connected Segments & Service Ports is enabled (very important).

13. Create NSX Segments for future usage

The segment is linked to the T1 GW, the Transport Zone is "TZ Overlay" and the subnet is 192.168.99.1/24 in my case. A subnet can be freely chosen of course, but you need to remember it for routing, especially in my case as I'm using static routing in my lab environment.

14. Take care of routing in your physical network infrastructure

To reach, for example, VMs within your segments from the physical network, you have to configure static routes for the NSX segments on the physical side as well.
The example shows the routing configuration on my Ubiquiti Dream Machine Pro router, which can be different in your environment 😉
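An added example, not part of the original post: a small Python check that every NSX segment has a return route on the physical router pointing into the uplink VLAN, using longest-prefix matching as the router does. Only the 192.168.99.1/24 segment and VLAN 41 come from the post; the VLAN 41 subnet, the Tier-0 interface address, the second segment and all names are assumptions.

```python
import ipaddress

# Constructed sample values. Only 192.168.99.1/24 and VLAN 41 come from the post;
# the VLAN 41 subnet, the Tier-0 interface address and the second segment are assumptions.
UPLINK_SUBNET = "192.168.41.0/24"          # assumed subnet of VLAN 41
SEGMENTS = {
    "lab-segment-99": "192.168.99.1/24",   # gateway/prefix as entered in NSX
    "lab-segment-98": "192.168.98.1/24",   # hypothetical second segment
}
ROUTER_STATIC_ROUTES = [                   # (destination, next hop) on the physical router
    ("0.0.0.0/0", "203.0.113.1"),          # default route towards the WAN
    ("192.168.99.0/24", "192.168.41.10"),  # assumed Tier-0 uplink interface address
]


def check_return_routes(segments, static_routes, uplink_subnet):
    """Return a list of findings; an empty list means every segment is routed to the Tier-0."""
    uplink = ipaddress.ip_network(uplink_subnet)
    routes = [(ipaddress.ip_network(d), ipaddress.ip_address(nh)) for d, nh in static_routes]
    findings = []
    for name, gateway_cidr in segments.items():
        # Derive the subnet from the gateway address NSX stores (192.168.99.1/24 -> 192.168.99.0/24).
        subnet = ipaddress.ip_interface(gateway_cidr).network
        covering = [r for r in routes
                    if r[0].version == subnet.version and subnet.subnet_of(r[0])]
        if not covering:
            findings.append(f"{name}: no static route covers {subnet}")
            continue
        # The router forwards on the longest matching prefix.
        dest, next_hop = max(covering, key=lambda r: r[0].prefixlen)
        if next_hop not in uplink:
            findings.append(f"{name}: {subnet} follows {dest} via {next_hop}, "
                            f"which is outside the uplink subnet {uplink}")
    return findings


if __name__ == "__main__":
    for line in check_return_routes(SEGMENTS, ROUTER_STATIC_ROUTES, UPLINK_SUBNET):
        print(line)
```

With the sample data, the second segment is reported because its traffic would follow the default route towards the WAN instead of reaching the Tier-0 gateway.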

15. Place VMs in your NSX Segments

Assigning the Portgroup to the VM
Checking the IP address of the given VM
Testing connectivity from the local workstation

16. Reviewing NSX Network Topology

With that, we’ve done it and built a simple NSX environment that can be used for labs and also PoCs.
If you have any questions or suggestions, feel free to contact me or use the comment function here under the post.
In future tutorials, I would like to show you how to exchange the NSX certificates and to expand my environment to micro-segmentation, with the goal of being able to provide a multi-tenant VDI environment.
So check back here from time to time or give me feedback on what you would like to see more tutorials about.
