Configuring Segments
In the previous blog post, we saw step by step details on how to prepare the NSX infrastructure. If you have missed it, you can fine it here. In this blog post, I will discuss about how to configure the Logical segments in your NSX-T environment.
Logical segment is nothing but a logical switch to which a vm or a container get connected. The VMs can then communicate with each other over tunnels between hypervisors if the VMs are connected to the same segment.
Create Segments :
To create Segments, click on Networking > Segments and then click ADD SEGMENT.
Provide the below configuration details to create a logical segment.
- Segment Name > A name for the logical segment
- Uplink & Type > Leave it blank for now
- Transport zone > Overlay
Once completed, you will be able to see all the logical segments under the segments tab.
Attach VMs to Segments :
You can now attach VMs running on the ESXi hosts to their respective segments.
To connect a VM to logical segment created, right-click on the VM and select Edit Settings > Network adapter drop down menu, select the logical switch and click OK.
I have created the below vm’s and connected them to their respective logical switches. My layer 2 connectivity is now established, I can now communicate with the vm’s in the same LS.
| VM Name | IP Address | Logical Switch name |
| App | 172.16.10.10 | App-LS |
| App-1 | 172.16.10.11 | App-LS |
| Web | 172.16.20.10 | Web-LS |
| Database | 172.16.30.10 | DB-LS |
Test Layer 2 Connectivity :
Let’s do a ping test from App vm to App-1 vm. As you can see below, we can communicate with the App-1 vm without any issue.
Now, let’s try to reach any other vm in any of the other logical segments. As expected, they are not reachable from App vm as they are in different logical segmets.
Retrieve Segment information from NSX manager Cli :
Logical Segments
To get logical segment details from the NSX-T manager, connect to the NSX-T manager using SSH using the admin account. Run the below command to get all the logical switches.
get logical-switches
Note: Make a note of the VNI id and UUID of the respective logical switch of your interest to explore more.
MAC Table
Run the below command to get the MAC table of the logical switch. In the example below, we are collecting the MAC address of the Logical segment App-LS. The respective VNI is 71681
get logical-switch <VNI-ID> mac
ARP Table
To get the address resolution protocol(ARP) table of the logical segment, run the below command from the NSX-T manager.
get logical-switch <VNI-ID> arp
Switch Ports
To get information about the connections on a logical switch, run the below command. Make sure to update the command with the UUID of the respective logical switch.
get logical-switch <Logical-Switch-UUID> ports
Tunnel Endpoint
To get the Tunnel Endpoint(TEP) information for any logical switch, run the below command from the nsx manager.
get logical-switch <VNI-ID> vtep
From ESXi host
Connect to an ESXi host using SSH and run the below command to get into the nsxcli mode.
nsxcliNow the esxi is in nsxcli mode and you can run nsxcli commands. Try running get logical-switches and review the output.
Note: You can run get and hit enter to see all the options available.
We have now completed the Logical Segment section. Your vm’s have not layer 2 connectivity. In the next blog, we will discuss about how to get L3 connectivity for the logical virtual machines
Kontainers 
Leave a Reply