NSX-T Layer 2 Bridging

One important use case of Layer 2 bridging is the migration of physical machines to virtual machines. Here the same IP subnet is split between virtual machines backed by an overlay network and physical machines backed by a VLAN-backed distributed port group. There will be times when certain physical machines cannot leverage virtualization. Layer 2 …

NSX-T Routing Configuration

Overall topology used in the lab. Prerequisites such as NSX-T manager installation, preparing and configuring compute host transport nodes, and preparing and configuring edge transport nodes are covered here. As shown in the topology above, two Tier 0 gateways are configured in the lab. One Tier 0 gateway is configured in Active-Active High Availability mode and …

Palo Alto service insertion for Cross Vcenter NSX-V

References:
- Multi-site with Cross-VC NSX and Palo Alto Networks Security: https://blogs.vmware.com/networkvirtualization/2016/09/multi-site-cross-vc-nsx-palo-alto-networks-security.html/
- Cross Vcenter NSX design guide: https://blogs.vmware.com/networkvirtualization/2016/07/nsx-v-multi-site-options-cross-vc-nsx-design-guide.html/

Palo Alto service insertion in a single vcenter hosted in single DC

A brief about the Software Defined Data Center topology above:
- A single vcenter.
- A single NSX manager
- …

Installation of NSX T 2.4 Compute Host Transport Nodes

Compute Host Transport Nodes are hypervisors which are prepared for NSX-T. Once the hypervisors are prepared for NSX-T, N-VDS is instantiated on those hosts. More details are in this post.

Compute Host Connectivity and Teaming Policy

Compute hosts …

NSX-T 2.4 Edge Transport Node Installation

In this lab, I am going to install NSX-T Edge Transport Nodes as VMs. NSX-T Edge Node VMs could be of VM form factor or could be bare metal.

Edge Node VM connectivity using a DVS

The above diagram shows that the vnics of Edge Transport Node VMs are mapped …

NSX-T Routing

References: NSX-T Reference Design

Before we discuss the routing part, it is essential to cover key topics related to NSX-T:
1. N-VDS
2. Transport Zone
3. Compute Host Transport Nodes
4. Edge Transport Nodes

1. N-VDS
Is responsible for switching packets and is responsible for forwarding traffic between VMs or between VMs and …

NSX-T 2.4 Manager and Controllers Installation

Resources: NSX-T Data Center Installation Guide https://docs.vmware.com/en/VMware-NSX-T-Data-Center/2.4/installation/GUID-3E0C4CEC-D593-4395-84C4-150CD6285963.html

You need to go through the NSX-T Data Center Installation Guide. The first thing to do while installing the NSX-T 2.4 unified appliance is to download the appropriate OVF file from the VMware portal. Next, verify the checksum and make sure the file …

Troubleshooting Distributed Firewall in NSX-V – How to check firewall rules for a VM

Blog reference: https://docs.vmware.com/en/VMware-NSX-Data-Center-for-vSphere/6.4/com.vmware.nsx.troubleshooting.doc/GUID-20234847-3E7A-4FE8-AEE1-31FFB3652481.html

In my earlier post on Microsegmentation, we referenced the below topology and we put the workloads for different tiers (Web, App and DB) on the same NSX Logical Switch. With NSX microsegmentation, the firewall is applied at the vnic level of each virtual machine.

Topology

Below firewall rules …

Cross Vcenter NSX using Local Egress (Active-Active)

The above topology has been used for the purpose of this lab. In this blog post, we are going to cover Active-Active Cross Vcenter NSX. BGP is used as the routing protocol in this setup, and the appropriate BGP peerings are illustrated in the topology above. We are using eBGP between …

VMware NSX Microsegmentation – Securing Collapsed Architectures

As depicted in the above topology, the NSX-V Distributed Firewall feature is enabled. And as shown in the figure above, the firewall is effectively applied at each vNIC of a virtual machine.

In this topology:
- BGP is used as the routing protocol
- iBGP is used within NSX
- eBGP is used between NSX edges and the physical …