beautypg.com

Brocade Network OS Administrator’s Guide v4.1.1 User Manual

Page 373

background image

d)

Run the attach vlan vlan_ID command to export specified VLANs (these are VLANs than
can be mapped to VXLAN domains), as shown in the example below:

switch(config-overlay-gateway1)# attach vlan 5,14-17

All the MAC addresses that the VXLAN gateway learns on these VLANs are shared with the
NSX controller. When a MAC address ages out in VCS, the MAC address is removed from
the NSX controller.

There is also an option to list specific MAC addresses. In this case, other MAC addresses
that are learned for the VLAN are not shared with the NSX Controller. For more information,
refer to the attach vlan command in the Network OS Command Reference.

e)

Optional: You can run the enable statistics direction command to enable statistics
collection for tunnels you specify, as shown in the following example:

switch(config-overlay-gw-gateway1)# enable statistics direction both vlan

add/remove 1-10

This example command enables statistics collection for tunnels in both
directions(transmitting and receiving) for the VLANs specified.

f)

Optional: If you have created a SPAN destination outside of the VXLAN gateway (as a
monitor session), you can run the monitor session command to monitor sessions traffic, as
shown in the following example:

switch(config-overlay-gw-gateway1)# monitor session 1 direction both

remote-endpoint 1.2.3.4 vlan add 41-43

switch(config-overlay-gw-gateway1)# monitor session 1 direction both

remote-endpoint any vlan add 41-43

g)

Run the activate command to activate this gateway instance:

switch(config-overlay-gw-gateway1)# activate

This operation enables all tunnels associated with this gateway. VXLAN tunnels are not
user configurable.

h)

Return to Privileged EXEC mode by running the end command:

switch(config-overlay-gw-gateway1)# end

2.

NOTE
Certificate generation is a one-time-only action.

Generate the security certificate for the VXLAN gateway by running the nsx-controllerclient-cert
generate
command:

sw0# nsx-controller client-cert generate

3. Display the certificate by running the show nsx-controller client-cert command in Privileged EXEC

mode, then provide the certificate to the NSX administrator.

4. The following substeps are for configuring the management interface (depicted by the red line in

Figure 44

on page 370), which allows communication between the VXLAN gateway and the NSX

controller:
a)

Enter global configuration mode by running the configure command.

sw0# configure

b)

Run the vcs virtual ip address command:

switch(config)# vcs virtual ip address

192.168.0.78/24

c)

Run the nsx-controller name command to specify a name for a new NSX controller
connection profile:

switch(config)# nsx-controller profile1

d)

Run the ip address command to set the IP address of the controller, port and connection-
method settings for an NSX controller connection profile as shown in this example:

switch(config-nsx-controller-profile1)# ip address 10.21.83.188

e)

Optional: You can change the reconnect interval between the NSX controller and the VCS
fabric in case the connection is lost. The default is 10 seconds, meaning that a reconnection
is attempted every 10 seconds. To change this interval to 40 seconds, for example, run the
following command:

switch(config-nsx-controller-profile1)# reconnect-interval 40

f)

Run the activate command to activate the NSX controller profile:

switch(config-nsx-controller-profile1)# activate

This command initiates the connection between the NSX controller and the VCS fabric.

Configuring a VXLAN Gateway

Network OS Administrator’s Guide

373

53-1003225-04