Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Results Summary and Analysis

This JVDE focuses on the validation of the VMware NSX-T integration with data center fabric using Apstra provisioning. The validation carried out shows how external systems like VMware NSX-T can be integrated using Apstra providing visibility into the networking details of virtual machines (VMs) and containers hosted by ESXi servers, which are connected to leaf switches managed by Juniper Apstra as part of the JVD data center network fabric.

Configuration and Integration Tests

The JVDE test validation involved creating NSX-T components needed for connectivity with the data center fabric, here are some of the Vmware NSX-T components on NSX-T manager:

  • Adding the vSphere as compute manager to configure NSX-T on selected ESXi servers connected to the TOR switches.
  • Configure left and right uplink VLANs and overlay uplink.
  • Configure VDS switch and associate it to the uplinks and overlay uplink VLANs.
  • Configure the edge Node as VM on the ESXi host connected to the border leaf.
  • Create and configure logical segments for microsegmenting VM networks, the logical segments can then be seen in vSphere to use as network adapters in vSphere for VMs to communicate East-West.
  • Create and configure T0 (including loopback interface to bgp peer with border leaf switches, Left and right uplink interface to connect to border Leaf switches) and T1 gateways for north-south communication with border leaf switches (serving as gateways to the data center fabric). The geneve tunnels terminate on border leaf switches and the network packets are converted to EVPN VXLAN packets.

Furthermore, the JVDE also shows the configuration required on Juniper Apstra so as to allow the network traffic flow for inter-host (ESXi) VMs and intra-host (ESXi) VMs scenarios which are connected to leaf switches using the overlay VLAN. Following are the configurations that were successfully configured on Apstra:

  • Add vSphere and NSX-T manager as External Network Providers and then add them as Virtual Infra in the blueprint.
  • Create Routing Zone for NSX-T traffic and then associate with the overlay VLAN layer 2 Virtual Network assigned to all the fabric leaf switches.
  • Create Connectivity Templates for:
    • Creating IP Links using routed interfaces on border leaf switches to Edge Node VM hosted on ESXi server.
    • Creating BGP peering between NSX-T T0 and border leaf switches (border leaf switch one as the left uplink and border leaf switch two as the right uplink) providing resiliency. The BGP peering is also verified from the NSX-T Edge Node VM and border leaf switches.
    • Creating static routes between NSX-T T0 and border leaf switches (same is also configured on NSX-T manager)

Operational and Trigger Tests with NSX-T setup are as follows:

  • Verification of NSX-managed host connectivity:
    • Intra-VLAN within NSX
    • Inter-VLAN across NSX
  • Change MTU of the overlay transport node to test for configuration anomaly.
  • BGP flapping on the border leaf switch is used to detect if other border leaf routes traffic correctly and traffic loss is minimal.
  • Rebooting fabric switches one a time to verify if NSX-T detects the tunnels going down for the affected DUT (device under test).

Apart from the above tests described, other non-test goal tests such as reboot switches, reset DHCP bindings, deactivating BGP on leaf switches to cause BFD sessions to converge traffic to minimize traffic loss were also conducted.

The JVDE validation aim was to ensure that the Juniper data center switches can integrate with NSX-T using Apstra to configure configurations required for this setup. This has been successfully validated using the Junos OS release 22.2R3-S3 or Apstra 4.2.1.