Principles
- Understand proper use and addition of a DHCP IP Pool
- Enable a DHCP IP pool
- Determine use and proper implementation of DNS services
- Determine when and how to configure Source NAT
- Determine when and how to configure Destination NAT
- Given a scenario, compare and contrast proper DHCP uses
References
- NSX Administration Guide
http://pubs.vmware.com/NSX-62/topic/com.vmware.ICbase/PDF/nsx_62_admin.pdf
- NSX Command Line Interface Reference
http://pubs.vmware.com/NSX-62/topic/com.vmware.ICbase/PDF/nsx_62_cli.pdf
Understand proper use and addition of a DHCP IP Pool
- Supports IP Address pooling
- 1:1 static IP Address assignment
- Can be bound to VM vNIC Index or MAC Address
- Provides:
  - IP Address
  - Default Gateway (=IP of Internal Interface bound to DHCP Pool)
  - DNS Servers
  - DNS Search Domains
- DHCP Relay supported as of version 6.1
- Configure on DLRs
Enable a DHCP IP pool
NSX Edge -> Manage -> DHCP
Pool Configuration
Configuration Parameters:
- Start/End IP
- Domain Name
- DNS Name Servers
- Default Gateway
- Subnet Mask
- Lease never expires
Advanced Options:
- Next Server: Next boot TFTP server: used by PXE boot or BootP
- TFTP Server Name: IP Address or FQDN for client to download file specified in “Bootfile name” option
- TFTP Server Addresses: List of TFTP Server IPs
- Bootfile name: Filename to be downloaded (match with file specified in TFTP Server Name)
- Interface MTU: 1 per Pool and Static Binding
- Classless Static Route: Multiple routes with the same destination are permitted
Determine use and proper implementation of DNS services
NSX Edge -> Manage -> DNS
- Configure external DNS servers on an ESG
- ESG forwards DNS requests from clients to external servers
- ESG can cache responses it receives from external DNS servers
Determine when and how to configure Source NAT
NSX Edge -> Manage -> NAT
- SNAT used to translate source address from Public IP to Private or vice versa
- e.g. SNAT used northbound from a home broadband router towards the Internet
| Parameter | Values |
| --- | --- |
| Applied On | Interface or any |
| Protocol | Protocol or any |
| Original Source IP/Range (Mandatory) | IP, range, subnet or any |
| Original Source Port/Range | Port, any |
| Destination IP/Range | IP, range, subnet or any |
| Destination Port/Range | Port, any |
| Translated Source IP/Range (Mandatory) | IP, range, subnet, any |
Example: Translate 192.168.2.100-110 -> 172.16.5.100-110
Determine when and how to configure Destination NAT
NSX Edge -> Manage -> NAT
- DNAT used to translate the destination address from Public to Private or vice versa
- e.g. translate incoming requests for a public IP to the private address of a Load Balancer
| Parameter | Values |
| --- | --- |
| Applied On | Interface or any |
| Protocol | Protocol or any |
| Original Source IP/Range | IP, range, subnet or any |
| Original Source Port/Range | Port, any |
| Original Destination IP/Range (Mandatory) | IP, range, subnet or any |
| Original Destination Port/Range | Port, any |
| Translated IP/Range | IP, range, subnet, any |
| Translated Port/Range (Mandatory) | Port, any |
Example: Translate 172.16.10.100-120 -> 192.168.25.100-120
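An added example, not part of the original notes and not VMware code: a small Python linter that checks a NAT rule against the mandatory fields in the SNAT and DNAT tables above and parses the IP, range, subnet and any value forms, including the `a.b.c.x-y` shorthand used in the two examples. The dictionary field names are assumptions made for illustration, not NSX API names, and the range-size comparison is an added review check, not documented NSX behaviour.

```python
import ipaddress

# Mandatory fields per rule type, as listed in the SNAT and DNAT tables on this page.
# Field names are hypothetical, chosen for this example; they are not NSX API names.
MANDATORY = {
    "snat": ("original_source", "translated_source"),
    "dnat": ("original_destination", "translated_port"),
}
# Original/translated address fields whose sizes are compared for each rule type.
PAIR = {
    "snat": ("original_source", "translated_source"),
    "dnat": ("original_destination", "translated_ip"),
}

def parse_addr(value):
    """Return (first, last) for an IP, range or subnet; None for 'any'.
    Accepts the page's shorthand range form, e.g. 192.168.2.100-110."""
    value = value.strip()
    if value.lower() == "any":
        return None
    if "/" in value:
        net = ipaddress.ip_network(value, strict=False)
        return net[0], net[-1]
    lo_s, _, hi_s = (part.strip() for part in value.partition("-"))
    if hi_s.isdigit():
        hi_s = lo_s.rsplit(".", 1)[0] + "." + hi_s
    lo = ipaddress.ip_address(lo_s)
    hi = ipaddress.ip_address(hi_s) if hi_s else lo
    if int(lo) > int(hi):
        raise ValueError(f"range start is after range end: {value}")
    return lo, hi

def lint_rule(rule):
    """Return a list of problems found in one NAT rule (a dict of strings)."""
    action = rule.get("action", "").lower()
    if action not in MANDATORY:
        return [f"unknown action {action!r}"]
    problems = [f"missing mandatory field {f}" for f in MANDATORY[action]
                if not rule.get(f)]
    sizes = []
    for field in PAIR[action]:
        try:
            span = parse_addr(rule.get(field) or "any")
        except ValueError as exc:
            problems.append(f"{field}: {exc}")
            continue
        if span:
            sizes.append(int(span[1]) - int(span[0]) + 1)
    if len(sizes) == 2 and sizes[0] != sizes[1]:
        problems.append(f"range sizes differ: {sizes[0]} vs {sizes[1]}")
    return problems
```

Running `lint_rule` on the page's SNAT example returns an empty list; the DNAT example as written is reported as missing the translated port that the table marks mandatory.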
Given a scenario, compare and contrast proper DHCP uses
- Use DHCP Pools when VMs are connected directly to an NSX Edge
- Use Static Bindings for permanent MAC/vNIC leases
- Use DLR DHCP Relay to make use of existing DHCP servers