VMware HCX – Network Extension between sites

The network extension use case of VMware HCX allows us to extend networks from one site to another, so that VMs can be migrated to the target site while retaining the same IP addressing, avoiding any change of IP addressing for the workloads being migrated. In my previous post about VMware HCX titled 'VMware HCX use cases …

Multi-tenancy in VMware NSX

The why? VMware NSX provides you the ability to configure multiple tenants using a single NSX Manager instance. This essentially removes the requirement to deploy multiple NSX managers in order to achieve isolation for different customers or different environments. This multi-tenancy will help in situations where there are multiple customers requiring networking and security resources …

VMware HCX use cases and HCX Architecture

HCX use cases: Workload migration from legacy infrastructure to a modern Software Defined Data Center, for example a new software defined data center as a destination powered by VMware Cloud Foundation with the latest software releases. Workload migration from non-vSphere infrastructure as a source to the latest VMware infrastructure as a destination/target. This is useful for customers …

BGP EVPN with VXLAN

Technical references: https://www.cisco.com/c/en/us/products/collateral/switches/nexus-9000-series-switches/guide-c07-734107.html

About VXLAN: VXLAN is a network virtualization technology that allows for the extension of Layer 2 networks over a Layer 3 physical infrastructure. It helps overcome the limitations of traditional VLANs, especially in large data centers. VXLAN allows much better scalability as compared to traditional VLANs with the ability to provision many …

Securing virtual machines using NSX Distributed Firewall and migrating traditional networks to NSX overlay networking

Why VMware NSX? VMware NSX is an L2 to L7 network virtualization and advanced security platform. NSX overlay networks, which are backed by the Geneve overlay protocol, provide software-defined networking capabilities. Overlay networking allows cloud-scale networking whereby multiple overlay networks (NSX overlay segments backed by an NSX overlay transport zone) related to multiple tenants can be …

NSX Federation – Peering with physical firewall cluster across two locations

NSX Federation: Provides a single pane of glass for managing the networking and security constructs of more than one location. Allows stretching of overlay networks between locations. VM mobility between locations using the same IP address. This is possible because NSX Federation ensures the same network is available across multiple locations. Recover VMs in disaster recovery location using …

NSX-T VRF Gateway use-case and Traffic Flows

Similar to routers with the VRF lite feature, the NSX Tier 0 Gateway supports a VRF gateway feature which allows multiple VRF gateways to exist under the parent Tier 0 Gateway. Based on the VMware configmax portal, NSX version 4.1.2 supports up to 100 VRF gateways per edge node. VRF gateways in NSX save CPU, memory and storage …

NSX-T Multi Site and NSX Advanced Load Balancer in No Orchestrator Mode

Brief introduction to NSX-T Multi Site: Provides overlay networking which spans multiple locations. Consistent security using NSX Distributed Firewall in cases where the VM moves to another location. There is no Distributed Firewall configuration that needs to be updated in NSX when a VM moves to another location. NSX use cases like logical switching, logical routing, …

VMware NSX for Identity Firewall Use Case

Identity firewall: Identity firewall (IDFW) enables one to configure distributed firewall rules based on an Active Directory user group. Identity firewall can be utilized for virtual desktops, remote desktop sessions (RDSH) and also for physical machines. VMware NSX will control access to the target/destination servers based on the user logged in to the source VM. In …

VMware NSX Distributed Firewall

Technical References: NSX-T Reference Design Guide, VMware NSX-T Administration Guide. VMware NSX Distributed Firewall is a software-defined Layer 7 stateful firewall which provides protection at the vNIC level of a virtual machine. Layer 7 Application ID, FQDN filtering and identity-based firewalling are important capabilities of NSX Distributed Firewall. A very popular use case of NSX Distributed …