If one of the sites that you want to stretch is not backed by NSX, you can deploy a standalone edge as the L2 VPN client on that site.
Before you begin
You have created a trunk port group for the trunk interface of the standalone edge to connect to. This port group requires some manual configuration:
If the trunk port group is on a vSphere Standard Switch you must do the following:
Enable forged transmits
Enable promiscuous mode
See the vSphere Networking Guide.
If the trunk port group is on a vSphere Distributed Switch you must do the following:
Enable forged transmits. See the vSphere Networking Guide.
Enable sink port for the trunk vNic, or enable promiscuous mode. Enabling a sink port is the recommended best practice.
Sink port configuration must be done after the standalone edge has been deployed, because you need to change the configuration of the port connected to the edge trunk vNIC.
- Using vSphere Web Client, log in to the vCenter Server that manages the non-NSX environment.
- Select and expand clusters to show the available hosts.
- Right-click the host where you want to install the standalone Edge and select Deploy OVF Template.
- Enter the URL to download and install the OVF file from the internet or click Browse to locate the folder on your computer that contains the standalone Edge OVF file and click Next.
- On the OVF Template Details page, verify the template details and click Next.
- On the Select name and folder page, type a name for the standalone Edge and select the folder or datacenter where you want to deploy. Then click Next.
- On the Select storage page, select the location to store the files for the deployed template.
- On the Select networks page, configure the networks the deployed template should use. Click Next.
The Public interface is the uplink interface.
The Trunk interface is used to create sub-interfaces for the networks that will be stretched. Connect this interface to the trunk port group you created.
- On the Customize Template page, specify the following values.
- Type and retype the CLI admin password.
- Type and retype the CLI enable password.
- Type and retype the CLI root password.
- Type the uplink IP address and prefix length, and optionally default gateway and DNS IP address.
- Select the cipher to be used for authentication. This should match the cipher used on the L2VPN server.
- To enable Egress Optimization, type the gateway IP addresses for which traffic should be locally routed or for which traffic is to be blocked over the tunnel.
- Type the L2 VPN server address and port.
- Type the user name and password with which the peer site is to be authenticated.
- In Sub Interfaces VLAN (Tunnel ID), type VLAN ID(s) of the network(s) you want to stretch. You can list the VLAN IDs as a comma separated list or range. For example, 2,3,10-20.
If you want to change the VLAN ID of the network before stretching it to the standalone Edge site, you can type the VLAN ID of the network and then type the tunnel ID in brackets. For example, 2(100),3(200). The Tunnel ID is used to map the networks that are being stretched. However, you cannot specify the tunnel ID with a range. So this would not be allowed: 10(100)-14(104). You would need to rewrite this as 10(100),11(101),12(102),13(103),14(104).
- If the standalone NSX Edge does not have direct access to the internet and needs to reach the source (server) NSX Edge via a proxy server, type the proxy address, port, user name, and password.
- If a Root CA is available, you can paste it in to the Certificate section.
- Click Next.
- On the Ready to complete page, review the standalone Edge settings and click Finish.
What to do next
Power on the standalone Edge virtual machine.
Note the trunk vNIC port number and configure a sink port. See Configure a Sink Port .
Make any further configuration changes with the standalone edge command line interface. See the NSX Command Line Interface Reference.