NSX for vSphere: Management Interface of Distributed Logical Router Control VM

This article has been re-published as a KB: http://kb.vmware.com/kb/2122060

About Dmitri Kalintsev

Some dude with a blog and opinions ;) View all posts by Dmitri Kalintsev

6 responses to “NSX for vSphere: Management Interface of Distributed Logical Router Control VM

  • Michael

    Hi Dmitry,
    is there a notion of ‘vrf’ on DLR control VM so that this management interface gets separated from VXLAN routing plane?
    And one more question, if giving IP to management interface is optional why isn’t the same true for assigning it to a port group?

    • Dmitri Kalintsev

      Hi Michael,

      There’s no VRF support in DLR at this point; management or otherwise.

      I do not know the exact reason why connecting Management interface is mandatory. It is not used by NSX itself, since all Edge appliances – Control VMs and ESGs – are managed via VMCI channel, or in some rare cases via VIX, which doesn’t need any vNICs connected.

  • NSX for Newbies – Part 6: Distributed Logical Router (dLR) Theory&Configuration | blog.bertello.org

    […] protocol because there’s┬áReverse Path Forwarding (RPF) enabled. Dmitri Kalintsev wrote a good article that explaining more in detail this concept. Configure interfaces on this NSX Edge: using the + symbol repeat the wizard until you have created […]

  • vintage63

    Hi Dmitry,
    What if I ‘m interested in opening up SSH to the DLR Controller w/o host-jumping ? I.e. it’s conceivable that my management station sit sin another subnet. Is there a plan to support this going forward or could we SSH plainly to one of the vxlan based interfaces insofar these prefixes are reachable from the outside.

    • Dmitri Kalintsev


      You can’t connect to DLR Control VM on any of DLR’s VXLAN LIFs, because the IP addresses associated with LIFs are distributed and served by ESXi hosts, not the DLR Control VM.

      You can only SSH into DLR Control VM on the “Protocol IP”, as described in this post.

      Also starting with NSX 6.2, you can execute many of the Edge CLI commands directly from the centralised CLI, with no need to SSH into DLR Control VM. Instead, SSH into your NSX Manager and run these commands from there.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: