VMware HCX – Network Extension between sites

by Farhan Patel, posted in Software Defined Networking, VMware HCX, VMware NSX

Network extension use-case of VMware HCX allows us to extend networks from one site to another thereby allowing VMs to be migrated to target site by retaining the same IP addressing and avoiding any change of IP addressing for the workloads being migrated.

In my previous post about VMware HCX titled ‘VMware HCX use cases and HCX Architecture’, I covered the architectural components of VMware HCX.

HCX service mesh components such as HCX interconnect IX, HCX network extension NE, HCX WAN Optimization WO these belong to the data plane and they are deployed in a symmetric manner across both sites such as below.

HCX Service Mesh Components

The above figure shows bidirectional HCX site pairing but bear in mind that unidirectional site pairing can also be configured. This lab setup has unidirectional HCX site pairing setup.

Each service mesh appliance needs to process traffic specific to HCX.

HCX network profiles are created in each site for these networks:

  • HCX Uplink: Used by Service Mesh components to reach their peer appliances.
  • HCX Management: Used by Service Mesh components to connect to HCX Manager, vCenter Server, NTP, DNS.
  • HCX vMotion: Used by Service Mesh components to connect to the ESXi cluster for vMotion-based services.
  • HCX Replication: Used by Service Mesh components connect to the ESXi cluster for Replication-based services.
  • HCX Guest Network: In OSAM deployments, used by the  Service Mesh Sentinel Gateway to connect to the Sentinel agents.

You need to create distributed port groups backed by corresponding VLAN for each of these traffic types. Please note that NSX segment type backing for the HCX appliance is also supported.

Traffic types on each service mesh appliance

The above table shows the different traffic types on each HCX appliance type.

HCX Deployment

Before extending network using HCX, we need to make sure that HCX installation is complete and that HCX service mesh is deployed. You could have multiple service meshes under a single HCX manager but at least one needs to be in place before extending networks.

HCX Deployment for private cloud to private cloud

Note: For deployments where one of the sites is Oracle Cloud VMware Solution, VMware HCX is pre-configured as part of the SDDC provisioning operation and utilizes Network profiles from SDDC VLANs.

What do you need to ensure before you extend the network?

Before establishing network extension, let’s ensure that HCX site pairing is done, compute profiles, network profiles are in place and HCX service mesh is deployed.

HCX Site Pairing

HCX site pairing has been pre-configured. This is unidirectional site pairing.

HCX Network Profiles

Network profiles have already been configured in this case in both sites.

These parameters go inside a specific network profile

Parameters related to HCX network profile

As shown above, while creating a network profile, you specify parameters like:

  1. Backing type, distributed port group or NSX segment for the network
  2. IP pool, range of IP addresses to be assigned from this IP subnet to the HCX appliances.
  3. Prefix length for the network
  4. Gateway for this network
  5. Primary & Secondary DNS Server IP
  6. DNS Suffix

Create a network profile for each of these traffic types in each site:

  1. HCX Management
  2. HCX Uplink
  3. HCX vMotion
  4. HCX Replication
Create network profiles in both source site as well as destination site

These network profiles will be consumed in compute profile

Create compute profile in each site
Compute Profile

Create a compute profile in both source and destination sites.

HCX Service Mesh

HCX service mesh is pre-configured as shown above in this lab.

Adding a Service Mesh initiates the deployment of HCX Interconnect virtual appliances on both of the sites. A Service Mesh is always created at the source site.

What goes inside a HCX service mesh?

Target environment already has a Tier 1 Gateway configured.

Take a note of the corresponding Tier 1 Gateway in target environment because we need to specify this while creating network extension.

Tier 1 Gateway in target environment

Note the gateway IP of the network in source environment because this is needed while creating the network extension.

Note the gateway IP of the network being extended.

Let’s go ahead and create a network extension now:

Now we will extend NSX-T segment from source to target environment.

This layer 2 network extension can help us migrate VM from source environment to target environment and allows us to use same, original IP address when the VM lands in the target environment.

This will be done from HCX Manager of source environment

Create a network extension

Click on ‘Create a network extension’

Select network to be extended to target site

Specify gateway IP, NSX Tier 1 Gateway at target site, HCX extension appliance and cick Submit

Monitor the status of this workflow in HCX UI.

HCX network extension for the segment is complete and the status is okay.

Leave a comment