In my last VCP-NV post, I looked at deploying an edge router and then connecting it to a distributed logical router via a ‘transit’ logical switch. This provides the means for virtual machines connected to NSX logical switches to access the physical network via the NSX Edge router. However, because the virtual machines are connected to logical switches that are not directly connected to the Edge router, we need to have a means of sharing routes between the distributed router(s) and the edge router. This is where OSPF comes in. I’ll start by configuring OSPF on my distributed router.
Configuring OSPF on an NSX Distributed Router
Start by navigating to the ‘NSX Edges’ pane, then double click on the logical router:
Click the ‘Routing’ tab, then click the ‘Edit’ button in the bottom half of the pane, next to ‘Dynamic Routing Configuration’:
Select the network that is connected to your NSX Edge router in the ‘Router ID’ field. Optionally enable logging, then click ok. You’ll be prompted to publish the changes:
Publish the change and then click the OSPF menu option. Start by clicking the green ‘plus’ symbol under the Area Definition section:
In the new window, enter an area id for the new OSPF area (0 and 51 are excluded). I have chosen to use ’10’ as my area ID.
Next, we need to associate this area with an interface on the router. This is done in the Interface Mapping section of the page:
Ensure the correct interface is selected (this should be the one that connects to the Edge Router), and that the newly created OSPF area is specified. Once complete, click ok – you will once again be prompted to publish the changes that have been made.
Once the changes have been published, click on the Edit button next to ‘OSPF Configuration’:
Ensure ‘Enable OSPF’ is checked. We will need to assign a protocol address using an available IP on the ‘transit’ network. For the Forwarding Address, the IP assigned to the router’s transit network interface is used. Once satisfied with the configuration, click OK, then publish the settings. This completes the OSPF configuration for the logical router. Next we need to configure OSPF on the edge router.
Configuring OSPF on an NSX Edge Router
Configuring OSPF on the edge router is much the same as with the logical distributed router. To start with, double click the Edge router in the ‘NSX Edges’ pane. Once open, click on the routing tab. Start by selecting the interface to use by clicking the ‘Edit’ button next to ‘Dynamic Routing Configuration’:
Note that the interface used here isn’t the interface connecting to the logical distributed router, but is the one connecting the edge router to the physical network.
Next we need to add the OSPF Area Definitions. We will need to add the same ID as we did to the logical router (10). Area 0 (significant to OSPF) should already be present, but if not it will need to be created. We then need to configure the interface mappings – with Area 0 mapped to the router’s uplink (connecting it to the physical network), and Area 10 mapped to the interface connecting the edge router to the logical router. When complete, don’t forget to publish the changes. The config screen now looks like:
Next we need to enable OSPF. Click the ‘Edit’ button next to ‘OSPF Configuration’ then click to enable OSPF:
Click OK, and then publish the changes. Finally, we need to configure route distribution. We need to add a redistribution rule for static and connected routes:
Click OK, and then publish the change.
Now, Listing the routes on the NSX edge, I can see the routes learned from the logical distributed router:
The route table on my vyos router (acting as my ‘physical’ external router) also now shows the routes learnt from the NSX edge router:
I have confirmed that the routing and connectivity is working in by lab environment by pinging one of my virtual machines (which is connected to a NSX logical switch), from my external router:
