NSX Edge supports OSPF, an interior gateway protocol that routes IP packets only within a single routing domain. It gathers link state information from available routers and constructs a topology map of the network. The topology determines the routing table presented to the Internet Layer, which makes routing decisions based on the destination IP address found in IP packets.
OSPF routing policies provide a dynamic process of traffic load balancing between routes of equal cost. An OSPF network is divided into routing areas to optimize traffic. An area is a logical collection of OSPF networks, routers, and links that have the same area identification.
Areas are identified by an Area ID.
Prerequisites
Router ID must have been specified. See “Specify Global Configuration,” on page 49.
Procedure
1 Log in to the vSphere Web Client.
3 Double-click an NSX Edge.
4 Click Routing and then click OSPF. 5 Do one of the following.
Option Description
For an Edge services gateway Click Enable.
For a logical router a Click Edit at the top right corner of the window.
b Click Enable OSPF.
c In Forwarding Address, type an IP address that is to be used by the router datapath module in the hosts to forward datapath packets. d In Protocol Address, type a unique IP address within the same subnet
as the Forwarding Address. Protocol address is used by the protocol to form adjacencies with the peers.
6 In Area Definitions, click the Add icon.
7 Type an Area ID. NSX Edge supports an area ID in the form of an IP address or decimal number. 8 Select Stub in the Type field. Typically, there is no hierarchical routing beyond the stub.
9 Select the type of Authentication. OSPF performs authentication at the area level, hence all routers within the area must have the same authentication and corresponding password configured. For MD5 authentication to work, both the receiving and transmitting routers must have the same MD5 key.
a None: No authentication is required, which is the default value.
b Password: In this method of authentication, a passwords is included in the transmitted packet.
c MD5: This authentication method uses MD5 (Message Digest type 5 ) encryption. An MD5
checksum is included in the transmitted packet.
10 For Password or MD5 type authentication, type the password or MD5 key. 11 Click OK.
12 In Area to Interface Mapping, click the Add icon to map the interface that belongs to the OSPF area. 13 Select the interface that you want to map and the OSPF area that you want to map it to.
14 Hello Interval displays the default interval between hello packets that are sent on the interface. Edit the default value if required.
15 Dead Interval displays the default interval during which at least one hello packet must be received from a neighbor before the router declares that neighbor down. Edit the default interval if required. 16 Priority displays the default priority of the interface. The interface with the highest priority is the
designated router. Edit the default value if required.
17 Cost of an interface displays the default overhead required to send packets across that interface. The cost of an interface is inversely proportional to the bandwidth of that interface. Edit the default value if required.
18 Click OK and then click Publish Changes.
Configure BGP Protocol
Border Gateway Protocol (BGP) makes core routing decisions. It includes a table of IP networks or prefixes which designate network reachability among autonomous systems.
An underlying connection between two BGP speakers is established before any routing information is exchanged. Keep alive messages are sent out by the BGP speakers in order to keep this relationship alive. Once the connection is established, the BGP speakers exchange routes and synchronize their tables.
Procedure
1 Log in to the vSphere Web Client.
2 Click Networking & Security and then click NSX Edges. 3 Double-click an NSX Edge.
4 Click Routing and then click BGP. 5 Click Edit.
6 In the Edit BGP Configuration dialog box, click Enable BGP.
7 Type the router ID in Local AS. Type the Local AS. This is advertised when BGP peers with routers in other autonomous systems (AS). The path of ASs that a route traverses is used as one metric when selecting the best path to a destination.
8 Click Save.
9 In Neighbors, click the Add icon. 10 Type the IP address of the neighbor. 11 Type the remote AS.
12 Edit the default weight for the neighbor connection if required.
13 Hold Down Timer displays interval (180 seconds) after not receiving a keep alive message that the software declares a peer dead. Edit if required.
14 Keep Alive Timer displays the default frequency (60 seconds) with which the software sends keep alive messages to its peer. Edit if required.
15 If authentication is required, type the authentication password. Each segment sent on the connection between the neighbors is verified. MD5 authentication must be configured with the same password on both BGP neighbors, otherwise, the connection between them will not be made.
16 To specify route filtering from a neighbor, click the Add icon in the BGP Filters area. 17 Select the direction to indicate whether you are filtering traffic to or from the neighbor. 18 Select the action to indicate whether you are allowing or denying traffic.
19 Type the network in CIDR format that you want to filter to/from the neighbor. 20 Type the IP prefixes that are to be filtered and click OK.
21 Click Publish Changes.
Configure IS-IS Protocol
Intermediate System to Intermediate System (IS-IS) is a routing protocol designed to move information by determining the best route for datagrams through a packet-switched network.
A two-level hierarchy is used to support large routing domains. A large domain may be divided into areas. Routing within an area is referred to as Level 1 routing. Routing between areas is referred to as Level 2 routing. A Level 2 Intermediate System (IS) keeps track of the paths to destination areas. A Level 1 IS keeps track of the routing within its own area. For a packet going to another area, a Level 1 IS sends the packet to the nearest Level 2 IS in its own area, regardless of what the destination area is. Then the packet travels via Level 2 routing to the destination area, where it may travel via Level 1 routing to the destination. This is referred to as Level-1-2.
Procedure
1 Log in to the vSphere Web Client.
2 Click Networking & Security and then click NSX Edges. 3 Double-click an NSX Edge.
4 Click Routing and then click IS-IS. 5 Click Edit and then click Enable IS-IS. 6 Type the System ID and select the IS-IS type.
Level 1 is intra-area, Level 2 is inter-area, and Level 1-2 is both. Level 2 routers are inter-area routers that can only form relationships with other Level 2 routers. Routing information is exchanged between Level 1 routers and other Level 1 routers, and Level 2 routers only exchange information with other Level 2 routers. Level 1-2 routers exchange information with both levels and are used to connect the inter-area routers with the intra-area routers.
7 Type the Domain Password and Area Password. The area password is inserted and checked for Level 1 link state packets, and the domain password for Level 2 link state packets.
8 Define the IS-IS areas.
a Click the Add icon in Areas. b Type up to three area IP addresses. c Click Save.
9 Configure interface mapping.
a Click the Add icon in Interface Mapping.
b Choose the Circuit Type to indicate whether you are configuring the interface for Level-1, Level-2, or Level-1-2 adjacency.
c Hello Interval displays the default interval in milliseconds between hello packets that are sent on the interface. Edit the default value if required.
d Hello Multiplier displays the default number of IS-IS hello packets a neighbor must miss before it is declared down. Edit the default value if required.
e LSP Interval displays the time delay in milliseconds between successive IS-IS link-state packet (LSP) transmissions. Edit the default value if required.
f Metric displays default metric for the interface. This is used to calculate the cost from each interface via the links in the network to other destinations. Edit the default value if required. g Priority displays the priority of the interface. The interface with the highest priority becomes the
designated router. Edit the default value if required.
h In Mesh Group, type the number identifying the mesh group to which this interface belongs. Edit the default value if required.
i Type the authentication password for the interface and click OK. Edit the default value if required. 10 Click Publish Changes.