OVSDB and VXLAN Configuration Workflows for VMware NSX Environment

 

The workflow that you use to configure Open vSwitch Database (OVSDB) and Virtual Extensible LAN (VXLAN) in a VMware NSX environment depends on the Juniper Networks device that you are configuring. This topic provides more information about the following workflows:

OVSDB and VXLAN Configuration Workflow for QFX Series Switches

Table 1 provides a high-level workflow of the tasks that you must perform to configure OVSDB and VXLAN on QFX Series switches. You must perform the tasks in Table 1 for each Juniper Networks switch that you plan to deploy in an OVSDB environment. In general, the successful completion of a task in this workflow depends on the successful completion of the previous task, so it is important to adhere to the task sequence provided in Table 1.

Table 1: OVSDB and VXLAN Configuration Workflow for QFX Series Switches

Sequence

Task

For More Information

1

Create and install a Secure Sockets Layer (SSL) key and certificate.

Creating and Installing an SSL Key and Certificate on a Juniper Networks Device for Connection with SDN Controllers.

2

Enter the set switch-options ovsdb-managed configuration mode command on the Juniper Networks switch.

3

Explicitly configure a connection to at least one VMware NSX controller.

Setting Up OVSDB on Juniper Networks Devices That Support the Dynamic Configuration of VXLANs.

4

Specify that each physical interface associated with a VXLAN is to be managed by OVSDB.

Setting Up OVSDB on Juniper Networks Devices That Support the Dynamic Configuration of VXLANs.

5

Configure a logical switch for each OVSDB-managed VXLAN that you plan to implement.

See the VMware documentation that accompanies NSX Manager or the NSX API.

6

  • For each Juniper Network switch on which OVSDB-managed VXLANs and interfaces are configured, create a gateway.

  • For each OVSDB-managed interface that you configure, create a gateway service.

  • For each logical interface that you plan to implement for a VXLAN, configure a logical switch port.

Note: On QFX Series switches, when multiple logical interfaces are bound to an OVSDB-managed physical interface, keep in mind that all of the logical interfaces must be either access interfaces that handle untagged packets or trunk interfaces that handle tagged packets. An OVSDB-managed physical interface does not support a mix of access and trunk interfaces.

For general information about configuring gateways, gateway services, and logical switch ports, see the VMware documentation that accompanies NSX Manager or the NSX API.

For key NSX Manager configuration details that help you configure gateways, gateway services, and logical switch ports so they function properly with their physical counterparts, see VMware NSX Configuration for Juniper Networks Devices Functioning as Virtual Tunnel Endpoints.

7

Configure the loopback interface (lo0) on the Juniper Networks switch for VXLAN by entering the following configuration mode commands:

  • set interfaces lo0 unit 0 family inet address ip-address primary

  • set switch-options vtep-source-Interface lo0.0

After you successfully complete task 6 in Table 1, the Juniper Networks switch dynamically creates a VXLAN for each logical switch that you configured in task 5. The Juniper Networks switch also dynamically creates and associates interfaces with each VXLAN. The dynamically created interface configuration is based on the gateway service and logical switch ports that you configured in task 6. For more information, see Understanding Dynamically Configured VXLANs in an OVSDB Environment.

For OVSDB-VXLAN scenarios in which Juniper Networks switches are commonly deployed, see the following topics:

OVSDB and VXLAN Configuration Workflow for MX Series Routers and EX9200 Switches

Table 2 provides a high-level workflow of the tasks that you must perform to configure OVSDB and VXLAN on MX Series routers and EX9200 switches. You must perform the tasks inTable 2 for each Juniper Networks device that you plan to deploy in an OVSDB environment. In general, the successful completion of a task in this workflow depends on the successful completion of the previous task, so it is important to adhere to the task sequence provided in Table 2.

Table 2: OVSDB and VXLAN Configuration Workflow for MX Series Routers and EX9200 Switches

Sequence

Task

For More Information

1

Create and install an SSL key and certificate.

Creating and Installing an SSL Key and Certificate on a Juniper Networks Device for Connection with SDN Controllers.

2

Explicitly configure a connection to at least one NSX controller.

Setting Up the OVSDB Protocol on Juniper Networks Devices that Support Manual Configuration of VXLANs.

3

Specify that each physical interface associated with a VXLAN is to be managed by OVSDB.

Setting Up the OVSDB Protocol on Juniper Networks Devices that Support Manual Configuration of VXLANs.

4

Configure a logical switch for each OVSDB-managed VXLAN that you plan to implement.

See the VMware documentation that accompanies NSX Manager or the NSX API.

5

Configure OVSDB-managed VXLANs.

Configuring OVSDB-Managed VXLANs.

6

For each Juniper Network device on which OVSDB-managed VXLANs and interfaces will be configured, create a gateway.

For each OVSDB-managed interface that you configure, create a gateway service.

For each logical interface that you plan to implement for a VXLAN, configure a logical switch port.

For general information about configuring gateways, gateway services, and logical switch ports, see the VMware documentation that accompanies NSX Manager or the NSX API.

For key NSX Manager configuration details that help you configure gateways, gateway services, and logical switch ports, so that they function properly with their physical counterparts, see VMware NSX Configuration for Juniper Networks Devices Functioning as Virtual Tunnel Endpoints.

7

Configure the loopback interface (lo0) on the Juniper Networks device for VXLAN by entering the following configuration mode commands:

  • set interfaces lo0 unit 0 family inet address ip-address primary

  • set switch-options vtep-source-Interface lo0.0

For OVSDB-VXLAN scenarios in which these Juniper Networks devices are commonly deployed, see the following topics: