Manualshelf

Deployment Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4128F-ON/S4128T-ON
171172173174175176177178179180
The NSX controller communicates with an OS10 VTEP using the OVSDB management protocol over a Secure Sockets Layer
(SSL) connection. Establishing the communication between the controller and VTEP involves generating the SSL certificate at a
VTEP and copying the certificate to the NSX controller. After SSL authentication, a secure connection over SSL is established
between the controller and the VTEP. The VTEP then receives and processes the configuration data from the controller.
Controller-provisioned VXLAN: Manual configuration
You must manually configure the underlay network using the OS10 CLI:
Configure the L3 protocol used for underlay routing. Underlay reachability to VTEP peers is learned using the configured
routing protocol.
Configure the loopback interface in the default VRF that is used as the VTEP source IP address for controller-based
provisioning.
Assign the VTEP interfaces to be managed by the controller.
Controller-provisioned VXLAN: Automatic provisioning
The controller automatically provisions:
L2 overlay network
VXLAN virtual networks, including remote VTEP source addresses
Local access ports in a virtual network
An OS10 VTEP sends the addition or deletion of server MAC addresses at the VXLAN access port to the NSX controller
using the OVSDB protocol. The controller then propagates the information to VTEP peers. The VTEPs program their
forwarding tables accordingly.
Configure controller-provisioned VXLAN
To configure the NSX controller, follow these steps on each OS10 VTEP:
1. Configure the source interface used for controller-based VXLAN provisioning. Assign an IPv4 address to a loopback
interface. Assign the loopback interface to an NVE instance. The loopback interface must belong to the default VRF. For
detailed information, see the Configure source IP address on VTEP.
2. Configure NSX controller reachability.
3. Assign local access interfaces to be managed by the controller. The VLAN IDs of member access interfaces created using
the OS10 CLI must be different from the VLAN IDs of port-scoped VLANs created by the NSX controller for virtual
networks.
4. (Optional) Enable BFD in the NSX and the VTEP. OS10 complies with RFC5880 for Bidirectional Forwarding Detection.
Configuration notes
172
VXLAN