Following on from the last post here are my remaining key points:
- L2 Bridging – Single vDs only supported
- DLR’s don’t place two DLR uplinks in the same Transport Zone
- OSPF – Consider setting the OSPF timers to an aggressive setting if you have a requirement to do so lowest setting is – Hello 1 Sec / Dead 3 Secs ( on Physical Router as well – set both sides i.e. the physical as well but note it might limit what you can set as an aggressive timer ) (10 Hello /40 Dead is the default protocol timeout)
- Recommendation is to use anti-affinity rules to prevent deploying the DLR Control VM on the same ESXi host with an Active ESG – to prevent losing the DLR control VM and the Edge with the summary routes on (if you have set them – you should have! 😉 )
- When applying DFW rules on the cluster object if you move VM’s between clusters then there is a few second outage on protection while the new rules are applied
-
Security policy weights – higher number takes priority e.g. 2000 higher than 1000