Prerequisites
- You have the Super Administrator or Enterprise Administrator role permission to configure and manage logical switches.
- You have prepared clusters that are to be part of the logical switch. See Prepare Clusters for Network Virtualization in the NSX Installation Guide.
- You have configured VXLAN on the appropriate clusters. See Configure VXLAN Transport Parameters in the NSX Installation Guide.
- You have the minimum required software versions. See System Requirements in the NSX Installation Guide.
- VXLAN UDP port is opened on firewall rules (if applicable). The VXLAN UDP port can be configured through the API. IANA has assigned the value 4789 for the VXLAN UDP port. The default is 4789.
- Port 80 is opened from NSX Manager to the hosts. This is used to download the VIB/agent.
- Physical infrastructure MTU is at least 50 bytes more than the MTU of the virtual machine vNIC.
- Managed IP address is set for each vCenter Server in the vCenter Server Runtime Settings. See vCenter Server and Host Management.
- DHCP is available on VXLAN transport VLANs if you are using DHCP for IP assignment for VMKNics.
- A consistent distributed virtual switch type (vendor, and so on) and version is being used across a given transport zone. Inconsistent switch types can lead to undefined behavior in your logical switch.
- You have configured an appropriate LACP teaming policy and connected physical NICs to the ports. For more information on teaming modes, refer to the VMware vSphere documentation.
- 5-tuple hash distribution is enabled for Link Aggregation Control Protocol (LACP).
- For multicast mode, multicast routing is enabled if VXLAN traffic is traversing routers. You have acquired a multicast address range from your network administrator.
- Port 1234 (the default controller listening port) is opened on firewall for the ESX host to communicate with controllers.
- (Recommended) For multicast and hybrid modes, you have enabled IGMP snooping on the L2 switches to which VXLAN participating hosts are attached. If IGMP snooping is enabled on L2, IGMP querier must be enabled on the router or L3 switch with connectivity to multicast enabled networks.
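Several of the prerequisites above can be checked mechanically before a change window. The following is an added example, not part of the NSX documentation or product: a preflight check over a hand-built description of one transport zone. The dictionary schema, role names, and host names are hypothetical, and TCP is assumed for ports 80 and 1234.

```python
VXLAN_OVERHEAD = 50  # MTU headroom in bytes required by the prerequisites


def required_flows(vxlan_port=4789):
    """Flows the list asks for: (source role, destination role, protocol, port).
    TCP for ports 80 and 1234 is an assumption; the page gives only the numbers."""
    return {
        ("host", "host", "udp", vxlan_port),
        ("nsx-manager", "host", "tcp", 80),
        ("host", "controller", "tcp", 1234),
    }


def preflight(zone, vxlan_port=4789):
    """Return findings for one transport zone description (hypothetical schema)."""
    findings = []
    if zone["physical_mtu"] < zone["vnic_mtu"] + VXLAN_OVERHEAD:
        findings.append("mtu: physical %d is below vNIC %d + %d"
                        % (zone["physical_mtu"], zone["vnic_mtu"], VXLAN_OVERHEAD))
    # A rule in the wrong direction does not satisfy the prerequisite.
    for flow in sorted(required_flows(vxlan_port) - set(zone["allowed_flows"])):
        findings.append("firewall: %s -> %s %s/%d is not allowed" % flow)
    dvs = {(h["dvs_vendor"], h["dvs_version"]) for h in zone["hosts"]}
    if len(dvs) > 1:
        findings.append("dvs: mixed switch types %s" % sorted(dvs))
    if zone["mode"] in ("multicast", "hybrid"):
        if zone["igmp_snooping"] and not zone["igmp_querier"]:
            findings.append("igmp: snooping is enabled but no querier is configured")
    return findings


# Constructed sample data, not taken from a real deployment.
SAMPLE_ZONE = {
    "physical_mtu": 1500, "vnic_mtu": 1500, "mode": "hybrid",
    "igmp_snooping": True, "igmp_querier": False,
    "allowed_flows": [("host", "host", "udp", 4789),
                      ("host", "nsx-manager", "tcp", 80)],  # reversed direction
    "hosts": [{"name": "esx-01", "dvs_vendor": "VMware", "dvs_version": "6.0.0"},
              {"name": "esx-02", "dvs_vendor": "VMware", "dvs_version": "5.5.0"}],
}

if __name__ == "__main__":
    for finding in preflight(SAMPLE_ZONE):
        print(finding)
```

If the VXLAN UDP port has been changed through the API, pass the configured value as vxlan_port so the firewall check looks for the right flow.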
Add a Logical Switch
An NSX logical switch reproduces switching functionality (unicast, multicast, broadcast) in a virtual environment completely decoupled from underlying hardware. Logical switches are similar to VLANs, in that they provide network connections to which you can attach virtual machines. Logical switches are local to a single vCenter NSX deployment. In a cross-vCenter NSX deployment, you can create universal logical switches, which can span all vCenters. The transport zone type determines whether the new switch is a logical switch or a universal logical switch.
Prerequisites
Table 5‑1. Prerequisites for creating a logical switch or universal logical switch

Logical Switch
- vSphere distributed switches must be configured.
- NSX Manager must be installed.
- Controllers must be deployed.
- Host clusters must be prepared for NSX.
- VXLAN must be configured.
- A segment ID pool must be configured.
- A transport zone must be created.

Universal Logical Switch
- vSphere distributed switches must be configured.
- NSX Manager must be installed.
- Controllers must be deployed.
- Host clusters must be prepared for NSX.
- VXLAN must be configured.
- A primary NSX Manager must be assigned.
- A universal segment ID pool must be configured.
- A universal transport zone must be created.

Determine the appropriate NSX Manager on which to make your changes.
- In a standalone or single vCenter NSX environment there is only one NSX Manager so you do not need to select one.
- Universal objects must be managed from the primary NSX Manager.
- Objects local to an NSX Manager must be managed from that NSX Manager.
- In a cross-vCenter NSX environment that does not have Enhanced Linked Mode enabled, you must make configuration changes from the vCenter linked to the NSX Manager that you want to modify.
- In a cross-vCenter NSX environment in Enhanced Linked Mode, you can make configuration changes to any NSX Manager from any linked vCenter. Select the appropriate NSX Manager from the NSX Manager drop-down menu.
Procedure
1 In the vSphere Web Client, navigate to Home > Networking & Security > Logical Switches.
2 Select the NSX Manager on which you want to create a logical switch. To create a universal logical switch, you must select the primary NSX Manager.
3 Click the New Logical Switch icon.
4 Type a name and optional description for the logical switch.
5 Select the transport zone in which you want to create the logical switch. Selecting a universal transport zone will create a universal logical switch.
By default, the logical switch inherits the control plane replication mode from the transport zone. You can change it to one of the other available modes. The available modes are unicast, hybrid, and multicast.
If you create a universal logical switch and select hybrid as the replication mode, you must ensure that the multicast address used does not conflict with any other multicast addresses assigned on any NSX Manager in the environment.
6 (Optional) Click Enable IP Discovery to enable ARP suppression.
This setting minimizes ARP traffic flooding within individual VXLAN segments, in other words, between VMs connected to the same logical switch. IP discovery is enabled by default.
7 (Optional) Click Enable MAC learning if your VMs have multiple MAC addresses or are using virtual NICs that are trunking VLANs.
Enabling MAC learning builds a VLAN/MAC pair learning table on each vNIC. This table is stored as part of the dvfilter data. During vMotion, dvfilter saves and restores the table at the new location. The switch then issues RARPs for all the VLAN/MAC entries in the table.
This example shows the app logical switch with default settings.
DB-Tier-00 is a logical switch connected to a transport zone. It is available only on the NSX Manager on which it was created.
DB-Tier-01 is a universal logical switch connected to a universal transport zone. It is available on any of the NSX Managers in the cross-vCenter NSX environment.
The logical switch and the universal logical switch have segment IDs from different segment ID pools.
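Step 5 requires that the multicast address chosen for a hybrid-mode universal logical switch not conflict with addresses assigned on any NSX Manager in the environment. The following is an added example, not part of the NSX documentation or product, that checks a candidate range against ranges recorded per NSX Manager. The "first-last" notation, the manager names, and the addresses are assumptions made for illustration.

```python
import ipaddress


def parse_range(text):
    """Parse 'first-last' or a single address into inclusive integer bounds."""
    parts = [p.strip() for p in text.split("-")]
    if len(parts) == 1:
        parts = parts * 2  # a single address is a range of one
    first, last = (ipaddress.IPv4Address(p) for p in parts)
    if first > last or not (first.is_multicast and last.is_multicast):
        raise ValueError("not a valid multicast range: %r" % text)
    return int(first), int(last)


def multicast_conflicts(candidate, assigned_by_manager):
    """Return (manager, range) pairs whose range overlaps the candidate."""
    c_first, c_last = parse_range(candidate)
    hits = []
    for manager, ranges in sorted(assigned_by_manager.items()):
        for text in ranges:
            first, last = parse_range(text)
            # Two inclusive ranges overlap when each starts before the other ends.
            if first <= c_last and c_first <= last:
                hits.append((manager, text))
    return hits


# Constructed sample assignments, one entry per NSX Manager (hypothetical names).
ASSIGNED = {
    "nsxmgr-primary": ["239.0.0.0-239.0.0.255"],
    "nsxmgr-secondary-1": ["239.0.1.0-239.0.1.127", "239.0.4.10"],
}

if __name__ == "__main__":
    for candidate in ("239.0.1.100-239.0.2.50", "239.0.3.0-239.0.3.255"):
        print(candidate, "->", multicast_conflicts(candidate, ASSIGNED) or "no conflict")
```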
What to do next
Add VMs to a logical switch or universal logical switch.
Create a logical router and attach it to your logical switches to enable connectivity between VMs that are connected to different logical switches.
Create a universal logical router and attach it to your universal logical switches to enable connectivity between VMs that are connected to different universal logical switches.