This has never been a straightforward topic, and I have difficulty explaining it in a reasonable amount of time. So now I’m going to start sending people here. Really great job.
Great video for understanding SR/DR - it's so easy to think when you create a service interface on a DR that the interface lives there, but really a SR is instantiated on the edge cluster and that's where the interface lives I have a use case to try and push a VPN over a service interface on a dedicated T1 - is this possible? We always think of stateful services such as BGP, NAT etc taking place there but I want (for some special reasons) to run VPN in this way. in my case I want to use this service interface to connect to a VLAN backed segment rather than have the VPN route out up through NSX layers
So sorry I missed this comment/question! I'll be honest, I'm not sure if this would work or not! It's something I would put in the category of "need to lab it up to answer that" :) Did you ever find out?
@@NRDYTech no problem! Appreciate the reply regardless. Yes this is working albeit on a T0. I haven’t been involved totally in the nitty gritty for the VPN but I believe it’s all now operating as expected. Have to say, I’ve leaned on your videos lots to design and implement NSX-T in our environment. They’ve been invaluable, so thanks!!!
DR is not necessary on your host where the edge VM sits..that host doesn't even have to be prepped for NSX. The DR would be on the edge VM though - inside of it.
In the previous video, Mike mentioned we can't connect one T0 to another T0. A T0 always connects (uplinks) to the physical network but not to another T0. Hope that helps. Guys correct me if I'm wrong