FTF 008: How to enumerate change NSX Logical Switch VNI?

By | December 27, 2018

Recently I needed to prepare a procedure to reconfigure NSX environments and one of the tasks was changing NSX Logical Switch VNI (VXLAN Network Identifier). When you create a new Logical Switch, NSX takes VNI from a special pool (The Segment ID Pool - in the range 5000-16777216 so more than 16000000 networks are possible but in practice more than 10000 is not required). Of course, there are some VMware limitations that it would not possible to use all possible networks because e.g. vCenter currently supports only max 10000 port groups. Sometimes it would be necessary to change VNI. You can't specify VNI directly (at least I do not know how to do it) but you can change a segment id used for Logical Switch VNI. Via GUI, you modify only the default segment (id nr 1). You can create additional segment if necessary as described below.

Preparations

  • Changing the Logical Switch VNI is possible via REST API. There is a handful tool - Postman that can be used to perform this task. If you don't have it please follow Postman Official Download Page.
  • A new range for temporary or next Segment ID.
  • Logical Switch virtual wire number needed to be replaced.

Procedure

Shutdown VMs connected to Logical Switches.

To avoid any unplanned events 😉 please shutdown all VMs connected to Logical Switches that you are going to re-configure.

Create a temporary Segment ID

At first, it is necessary to create an additional Segment ID (it does not have to be temporary) that will be used to change VNI of Logical Switch. To create the Segment ID please use e.g. Postman and run:

POST https://nsx-mgr-fqdn-ip/api/2.0/vdn/config/segments

where nsx-mgr-fqdn-ip is a fqdn or ip an NSX Manager (1), body of the request (2) and response with segment ID (3) as shown on the below screenshot:

FTF 008 How to enumerate or change NSX Logical Switch VNI

Change Logical Switch VNI to/from another Segment ID

To change Logical Switch VNI please run:

PUT https://nsx-mgr-fqdn-ip/api/2.0/vdn/virtualwires/virtualwire-XX/segmentreconfig/Y

where XX is a virtual wire number and Y is a segment ID (in my case 5).

That's all. Now you can confirm that Logical Switch VNI was changed and then you can power on VMs. I needed to use this procedure to remove duplicated VNI between NSX Domains and my segment was temporary. If you are in a similar situation, to delete unnecessary segment (no Logical Switches use it) please run:

DELETE https://nsx-mgr-fqdn-ip/api/2.0/vdn/config/segments/Y

Important: This is not a step by step procedure. You have to know how to use Postman, understand NSX API to perform above tasks.

Useful links

NSX API Guide