VXLAN segments are built between VXLAN tunnel end points (VTEPs). Each VXLAN tunnel has a segment ID. You must specify a segment ID pool for the primary NSX Manager to isolate your network traffic. If an NSX controller is not deployed in your environment, you must also add a multicast address range to spread traffic across your network and avoid overloading a single multicast address.
When determining the size of each segment ID pool, consider that the segment ID range controls the number of logical switches that can be created. Choose a small subset of the 16 million potential VNIs. Do not configure more than 10,000 VNIs in a single vCenter because vCenter limits the number of dvPortgroups to 10,000.
The NSX Managers in your cross-vCenter NSX environment must all use non-overlapping segment ID pools. Additionally, the universal segment ID pools should not overlap with any segment ID pool in the cross-vCenter NSX environment. Non-overlapping VNIs is automatically enforced within a single NSX Manager and vCenter environment. However, it's important for you make sure that VNIs do not overlap in your separate NSX deployments. Non-overlapping VNIs is useful for tracking purposes and helps to ensure that your deployments are ready for a cross-vCenter NSX environment.
If any of your transport zones use multicast or hybrid replication mode, you must add a multicast address or a range of multicast addresses.
Having a range of multicast addresses spreads traffic across your network, prevents the overloading of a single multicast address, and better contains BUM replication.
You must ensure that the multicast address or address range specified does not conflict with other multicast addresses assigned on any NSX Manager in the cross-vCenter NSX environment.
Do not use 220.127.116.11/24 or 18.104.22.168/24 as the multicast address range, because these networks are used for local subnet control, meaning that the physical switches flood all traffic that uses these addresses. For more information about unusable multicast addresses, see https://tools.ietf.org/html/draft-ietf-mboned-ipv4-mcast-unusable-01.
- Make sure that the underlying physical switch is configured with an MTU larger than or equal to 1600.
- Make sure that the underlying physical switch is correctly configured with IGMP snooping and an IGMP querier in network segments that carry VTEP traffic.
- Make sure that the transport zone is configured with the recommended multicast address range. The recommended multicast address range starts at 22.214.171.124/24 and excludes 126.96.36.199/24.
You can configure a single segment ID range and a single multicast address or multicast address range from the vSphere Web Client . If you want to configure multiple segment ID ranges or multiple multicast address values, you can do this using the API. See the NSX API Guide for details.
- Using the vSphere Web Client, log in to the vCenter Server system registered with the NSX Manager that will become the primary NSX Manager.
If the vCenter Server systems in your cross-vCenter NSX environment are in Enhanced Linked Mode, you can access any associated NSX Manager from any linked vCenter Server system by selecting it from the NSX Manager drop-down menu.
- Navigate to logical network settings.
- In NSX 6.4.1 and later, navigate to .
- In NSX 6.4.0, navigate to .
- Verify the correct NSX Manager is selected in the NSX Manager drop-down menu.
- Navigate to segment ID pool settings.
- In NSX 6.4.1 and later, click VXLAN Settings, then click Edit next to Segment IDs.
- In NSX 6.4.0, click .
- Enter a range for segment IDs, such as 5000-5999.
- (Optional) If any of your transport zones use multicast or hybrid replication mode, you must add a multicast address or a range of multicast addresses.
- Select or turn on the Enable Multicast addressing feature.
- Enter a multicast address or a multicast address range.