How to Create VXLAN/Virtual Wires

Follow

Summary

This Knowledge base article provides the information and procedures necessary to create a VXLAN/Virtual Wire to support your pCloud environment.


More Information

VXLAN is an overlay technique that encapsulates layer 2 in layer 3. To learn more about how this technology works, see RFC 7348 .

Login to vShield Manager

To create Virtual Wires, you must login to vShield Manager which provides the interface necessary to deploy VXLANS/Virtual Wires.

  1. Login to your Partner Portal at https://portal.vpdc.us/User/Login . Click Accounts and select your Account Name. At the bottom of the account page on the drop-down to the right, click vCloud Suite as shown below.



  2. Under the pCloud Instance ID column, select the pCloud , within which you want tp create VXLANs.
  3. Use the VPN Access Information to connect to your pCloud. (If the VMware SSL VPN Client is already installed  on you PC, go to step d)
    1. Open the SSL VPN Portal address in a web browser.
    2. Enter credentials with the username: cloudadminvpn and your password. The password will be your SSLVPN Password listed under the VPN Access Information section.
    3. Download and Install the VMware SSL VPN Client Plus software.
    4. Run the VMware SSL VPN Client Plus login using the same credentials used in step b.
  4. Once you are connected via SSL, login using to vShield Manager using the vShield Manager URL.

Creating a Virtual Wire

  1. Creating a Network Scope - A scope is the boundary of your virtual network. If you have multiple clusters and want them to have access to the same virtual wires, you will need to make them part of the same network scope.
    1. Select your datacenter object (in this example Austin ).
    2. Click the Network virtualization tab.
    3. Select Network Scopes.
    4. Click the green plus + symbol to display the Add Network Scope.
    5. Assign a name to the scope and select the clusters you want to add to this network scope.
    6. Click OK .



  2. Creating a VXLAN/Virtual Wire - Having defined the network boundary/network scope, next we will create VXLANs/Virtual Wires and associate them to Network Scopes as required.
    1. Select your Datacenter object (in this example Austin ).
    2. Click the Network virtualization tab.
    3. Select Networks .
    4. Click the green plus + symbol to display the Create a VXLAN network dialog.
    5. Assign a name to the VXLAN.
    6. Select the previously configured Network Scope .
    7. Click OK .



      Note: Once a new VXLAN/Virtual Wire is provisioned using the instructions above, a new VXLAN/Virtual Wire portgroup is created under vSphere -> Inventory -> Networking , with a label containing the SegmentID (SID) and Network Scope name. In this example, the label is vxw-dvs-35-virtualwire-1-sid-5000-Customer1-vWire1 .

  3. Associating a VXLAN/Virtual Wire to a Virtual Machine.

    Note: You can add Virtual Machine to a Virtual Wire by double-clicking it and then selecting the Virtual Machine.
    1. Select your Datacenter object (for this example Austin ).
    2. Click the Network virtualization tab.
    3. Select Networks .
    4. Double-click the Virtual Wire , for example Customer1-vWire1.
    5. Select the Virtual Machine tab
    6. Click the green plus + symbol to associate the selected Virtual Wire to an Ethernet Adapter of a Virtual Machine.



      Note: You can also associate a Virtual Wire portgroup to any Virtual Machine within vSphere, if you prefer to use vSphere Client to achieve the above task.

Installing Edge Appliance

Now that the Virtual Wire is associated with a Virtual Machine, a gateway/Edge device is needed to get IN and OUT of it. To deploy a gateway/Edge device, refer to Knowledge base article #2895 - Installing Edge Appliance .

VXLAN Setup in pCloud

Note: Normally the following is preconfigured for your default pCloud deployment and you are not required to go through this process, however, if you have consumed all of the virtual wires in your environment, you can add a new Segment ID/VNI pool range in your pCloud using the procedure below.

Adding Datacenter(s) to vShield Manager:

Once you are logged in to the vShield Manager, the next step is to link your vShield Manager to vCenter Server:

  1. Click Settings & Reports in the left pane to navigate to the Configuration tab of the General section.
  2. Click Edit in the vCenter Server section and fill in the details ( ip or hostname / username / password ).

  3. After completing the above, vShield Manager will populate your vCenter datacenter(s) under the Datacenters yellow folder.

Configuring VXLAN with vShield Manager

To configure a VXLAN with vShield Manager, perform the following steps:

Pre-requisite: Locate the following required information under the Portgroup pC-VXLAN-{TAG}-{Alias} in Partner Portal before proceeding the VXLAN configuration.

  • Segment ID/VNI pool range (Required in Step 1 below)
  • Multicast range (Required in Step 1 below)
  • VXLAN VLAN: pC-VXLAN-{TAG}-{Alias} (Required in Step 2 below)
  • External WAN VLAN: vDPW{TAG}{Alias}

Procedure

  1. Segment ID Pool and Multicast Address.
    1. Select your Datacenter object (in this example Austin ).
    2. Click the Network virtualization tab.
    3. Click Preparation and then click Segment ID .
    4. Enter the pool of Segment IDs provided by your Cloud Provider (Neverfail).
      Note:
      If you have multiple vShield Managers, then Segment IDs must be unique to prevent virtual wires with the same ID.
    5. Enter the Multicast address range provided by your Cloud Provider (Neverfail).
  2. Preparing a Resource Cluster to be part of an VXLAN.
    1. Click Preparation and then click Connectivity .
    2. Click Edit, select your cluster(s), and then click Next .
    3. Choose the Distributed switch that is to be associated with the resource cluster.
    4. Enter the pC-VXLAN-{TAG}-{Alias} TAG/VLAN ID for the desired network segment that will be used to overlay the VXLAN traffic coming from the Distributed Switches.
    5. Set the Teaming Policy to Failover , MTU (bytes) to 1600 and then click Finish .

Result: An agent is installed on the hosts in your cluster by the vib package that handles VXLAN traffic. VXLAN vmkernel modules are pushed and enabled on all of the hosts that are part of the selected cluster. New dvPort Groups and vmknic interfaces are added and automatically created on the Distributed Switch associated to the VXLAN. The new dvPort group can be identified in vSphere by the unique naming convention vxw-vmknicPg-dvs-xx-xx-xx-xx .

Troubleshooting

Symptom

As a result of the above configuration, the Status of the hosts preparation will be displayed as Not ready under the Vmknic IP Addresses column.

Cause

A result of the automated network configuration process for the Vmknics, is that all interfaces are automatically assigned an IP address based on DHCP. This behavior can become a configuration management issue. Unless there is a DHCP server on that network segment (normally the management network), all of the newly created interfaces will receive an IPv4 address within the 169.254/16 prefix that is valid for communication with other devices connected to the same physical link.

Solution

  1. Update the vmknics interface with automatically assigned valid IP addresses.
  2. Check the host in vSphere, Networking/vDS Switch/ and edit the new vmk port.
  3. Update the IP address to reflect the VXLAN assigned IP for that host.
    Note: VXLAN and IP Address can be located under the Portgroup : pC-VXLAN-{TAG}-{Alias} in Partner Portal

The figure below illustrates the successful VXLAN preparation result.



Applies To

All versions


Related Information

None

KBID-2896

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.