You can change the port used for VXLAN traffic.

About this task

In NSX 6.2.3 and later, the default VXLAN port is 4789, the standard port assigned by IANA. Before NSX 6.2.3, the default VXLAN UDP port number was 8472.

Any new NSX installations will use UDP port 4789 for VXLAN.

If you upgrade from NSX 6.2.2 or earlier to NSX 6.2.3 or later, and your installation used the old default (8472), or a custom port number (for example, 8888) before the upgrade, that port will continue to be used after the upgrade unless you take steps to change it.

If your upgraded installation uses or will use hardware VTEP gateways (ToR gateways), you must switch to VXLAN port 4789.

Cross-vCenter NSX does not require that you use 4789 for the VXLAN port. However, all hosts in a cross-vCenter NSX environment must be configured to use the same VXLAN port. Switching to port 4789 ensures that any new NSX installations added to the cross-vCenter NSX environment use the same port as the existing NSX deployments.

Changing the VXLAN port is a three-phase process and does not interrupt VXLAN traffic.

  1. NSX Manager configures all hosts to listen for VXLAN traffic on both the old and new ports. Hosts continue to send VXLAN traffic on the old port.

  2. NSX Manager configures all hosts to send traffic on the new port.

  3. NSX Manager configures all hosts to stop listening on the old port. All traffic is then sent and received on the new port.

In a cross-vCenter NSX environment you must initiate the port change on the primary NSX Manager. For each stage, the configuration changes are made on all hosts in the cross-vCenter NSX environment before proceeding to the next stage.

Prerequisites

  • Verify that the port you want to use for VXLAN is not blocked by a firewall.

  • Verify that host preparation is not running at the same time as the VXLAN port change.

Procedure

  1. Click the Logical Network Preparation tab, then click VXLAN Transport.
  2. Click the Change button in the VXLAN Port panel. Enter the port you want to switch to. 4789 is the port assigned by IANA for VXLAN.

    It will take a short time for the port change to propagate to all hosts.

  3. (Optional) Check the progress of the port change with the GET /api/2.0/vdn/config/vxlan/udp/port/taskStatus API request.
    GET https://nsxmgr-01a/api/2.0/vdn/config/vxlan/udp/port/taskStatus
    <?xml version="1.0" encoding="UTF-8"?>
    <vxlanPortUpdatingStatus>
        <prevPort>8472</prevPort>
        <targetPort>4789</targetPort>
        <taskPhase>PHASE_TWO</taskPhase>
        <taskStatus>PAUSED</taskStatus>
    </vxlanPortUpdatingStatus>

    ...

    <?xml version="1.0" encoding="UTF-8"?>
    <vxlanPortUpdatingStatus>
        <prevPort>8472</prevPort>
        <targetPort>4789</targetPort>
        <taskPhase>FINISHED</taskPhase>
        <taskStatus>SUCCEED</taskStatus>
    </vxlanPortUpdatingStatus>
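
The following Python code is an added example, not part of the original documentation. It parses the two taskStatus responses shown above and derives which UDP ports the firewalls on the transport network must still permit. The function names are hypothetical, and it assumes that any state other than FINISHED/SUCCEED means the old port may still be in use.

```python
import xml.etree.ElementTree as ET

def sample(phase, status):
    """Rebuild one of the two taskStatus bodies shown above (ports 8472 -> 4789)."""
    return ('<?xml version="1.0" encoding="UTF-8"?>'
            "<vxlanPortUpdatingStatus><prevPort>8472</prevPort>"
            "<targetPort>4789</targetPort>"
            f"<taskPhase>{phase}</taskPhase><taskStatus>{status}</taskStatus>"
            "</vxlanPortUpdatingStatus>")

MID_CHANGE = sample("PHASE_TWO", "PAUSED")
FINISHED = sample("FINISHED", "SUCCEED")

def parse_status(xml_text):
    """Parse a taskStatus body into a dict, rejecting unexpected documents."""
    root = ET.fromstring(xml_text.encode("utf-8"))
    if root.tag != "vxlanPortUpdatingStatus":
        raise ValueError(f"unexpected root element: {root.tag}")
    fields = {}
    for name in ("prevPort", "targetPort", "taskPhase", "taskStatus"):
        text = (root.findtext(name) or "").strip()
        if not text:
            raise ValueError(f"missing <{name}>")
        fields[name] = text
    for name in ("prevPort", "targetPort"):
        fields[name] = int(fields[name])  # ValueError if not numeric
        if not 1 <= fields[name] <= 65535:
            raise ValueError(f"{name} out of range: {fields[name]}")
    return fields

def is_complete(fields):
    """True only for the final state shown above: FINISHED / SUCCEED."""
    return fields["taskPhase"] == "FINISHED" and fields["taskStatus"] == "SUCCEED"

def udp_ports_to_permit(fields):
    """Ports the transport-network firewalls must allow for VXLAN right now.

    Assumption: until the change is complete, some host may still send or
    listen on the old port, so both ports stay open; afterwards only the new.
    """
    if is_complete(fields):
        return [fields["targetPort"]]
    return sorted({fields["prevPort"], fields["targetPort"]})

if __name__ == "__main__":
    for body in (MID_CHANGE, FINISHED):
        f = parse_status(body)
        print(f["taskPhase"], f["taskStatus"], "permit UDP", udp_ports_to_permit(f))
```

Once the result contains only the new port, the firewall rule that allowed the old VXLAN port can be removed.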