You can change the port used for VXLAN traffic.

Before you begin

  • Verify that the port you want to use for VXLAN is not blocked by a firewall.

  • Verify that host preparation is not running at the same time as the VXLAN port change.

About this task

Starting in NSX 6.2.3, the default VXLAN port is 4789, the standard port assigned by IANA. Before NSX 6.2.3, the default VXLAN UDP port number was 8472.

Any new NSX installations will use UDP port 4789 for VXLAN.

If you upgrade to NSX 6.2.3, and your installation used the old default (8472), or a custom port number (for example, 8888) before the upgrade, that port will continue to be used after the upgrade unless you take steps to change it.

If your upgraded installation uses or will use hardware VTEP gateways (ToR gateways), you must switch to VXLAN port 4789.

Cross-vCenter NSX does not require that you use 4789 for the VXLAN port, however, all hosts in a cross-vCenter NSX environment must be configured to use the same VXLAN port. If you switch to port 4789, this will ensure that any new NSX installations added to the cross-vCenter NSX environment are using the same port as the existing NSX deployments.

Changing the VXLAN port is done in a three phase process, and will not interrupt VXLAN traffic. In a cross-vCenter NSX environment the change will propagate to all NSX Manager appliances and all hosts in the cross-vCenter NSX environment.

Procedure

  1. Click the Logical Network Preparation tab, then click VXLAN Transport.
  2. Click the Change button in the VXLAN Port panel. Enter the port you want to switch to. 4789 is the port assigned by IANA for VXLAN.

    It will take a short time for the port change to propagate to all hosts.

  3. (Optional) : Check the progress of the port change with the GET /api/2.0/vdn/config/vxlan/udp/port/taskStatus API request.
    GET https://nsxmgr-01a/api/2.0/vdn/config/vxlan/udp/port/taskStatus
    <?xml version="1.0" encoding="UTF-8"?>
    <vxlanPortUpdatingStatus>
        <prevPort>8472</prevPort>
        <targetPort>4789</targetPort>
        <taskPhase>PHASE_TWO</taskPhase>
        <taskStatus>PAUSED</taskStatus>
    </vxlanPortUpdatingStatus>

    ...

    <?xml version="1.0" encoding="UTF-8"?>
    <vxlanPortUpdatingStatus>
        <prevPort>8472</prevPort>
        <targetPort>4789</targetPort>
        <taskPhase>FINISHED</taskPhase>
        <taskStatus>SUCCEED</taskStatus>
    </vxlanPortUpdatingStatus>