nsx-t – Networking & Security

Multi-tenancy in VMware NSX

4 Jan 20255 Jan 2025 by Farhan Patel, posted in Multi-tenancy, Network Security, nsx-t, Security, Software Defined Networking, Software Defined Networking, VMware NSX

The why? VMware NSX provides you the ability to configure multiple tenants using a single NSX Manager instance. This essentially removes the requirement to deploy multiple NSX managers in order to achieve isolation for different customers or different environments. This multi-tenancy will help in situations where there are multiple customers requiring networking and security resources … Continue reading Multi-tenancy in VMware NSX

NSX-T Multi Site and NSX Advanced Load Balancer in No Orchestrator Mode

25 Sep 202327 Sep 2023 by Farhan Patel, posted in load balancer, nsx-t, Software Defined Networking, VMware NSX

Brief introduction about NSX-T Multi Site: Provides overlay networking which spans multiple locations. Consistent security using NSX Distributed Firewall in cases where the VM moves to another location. There is no Distributed Firewall configuration that needs to be updated in NSX when VM moves to other location. NSX use cases like logical switching, logical routing, … Continue reading NSX-T Multi Site and NSX Advanced Load Balancer in No Orchestrator Mode

VMware NSX Distributed Firewall

22 Jun 202322 Jun 2023 by Farhan Patel, posted in Network Security, nsx-t, Security, VMware NSX

Technical References: NSX-T Reference Design Guide VMware NSX-T Administration Guide VMware NSX Distributed Firewall is software defined Layer 7 stateful firewall which provides protection at vnic level of a virtual machine. Layer 7 Application ID, FQDN filtering, identity based fire-walling are important capabilities of NSX Distributed Firewall. A very popular use case of NSX Distributed … Continue reading VMware NSX Distributed Firewall

Multiple VDS’ on host for Overlay on compute hosts

18 Feb 202319 Feb 2023 by Farhan Patel, posted in nsx-t, Routing

Multiple VDS' for Overlay on compute hosts This use case is also referenced in NSX-T Reference Design Guide which mentions that starting with NSX 3.1, a host can have virtual switches part of different overlay transport zones and the TEPs on each virtual switch can be on different VLAN/IP subnets (still, all the TEPs … Continue reading Multiple VDS’ on host for Overlay on compute hosts

NSX v2T Migration Methodologies & introduction of user-defined topology in NSX-T 3.2

8 May 20228 May 2022 by Farhan Patel, posted in nsx-t, VMware NSX

Above mind map is based on the online Migration Coordinator Guide for NSX-T version 3.2 Brief about the methods: User defined Topology: This got introduced in version 3.2 and has two modes: Complete migration: which does not need additional hardware and will migrate NSX-V edges, DLRs, hosts and workloads. This mode allows you to map … Continue reading NSX v2T Migration Methodologies & introduction of user-defined topology in NSX-T 3.2

NSX-T Federation Stretched T0 gateway Active-Active with locations Primary & Secondary – OSPF in physical network

31 Mar 20221 Apr 2022 by Farhan Patel, posted in nsx-t

I have covered a couple of NSX-T Federation blogs earlier. In this blog, we will setup OSPF in the underlay network as opposed to BGP. And we will setup stretched T0 Gateway with Active-Active HA mode. We will be using additional redistribution control from NSX end to ensure traffic ingresses/egresses via physical gateway in one … Continue reading NSX-T Federation Stretched T0 gateway Active-Active with locations Primary & Secondary – OSPF in physical network

nsx-t federation stretched t0 gateway active & standby with locations primary & secondary

10 Sep 202110 Sep 2021 by Farhan Patel, posted in nsx-t

NSX-T Federation provides networking and security across multiple locations. With NSX Federation, you can manage multiple NSX-T Data Center environments with a single pane of glass view, create gateways and segments that span one or more locations, and configure and enforce firewall rules consistently across locations. NSX segments (overlay networks) can span multiple locations. Span of NSX segment … Continue reading nsx-t federation stretched t0 gateway active & standby with locations primary & secondary

NSX-T VRF Gateway

11 Jan 202125 Oct 2023 by Farhan Patel, posted in nsx-t, Routing

VRF Gateway feature in NSX-T is similar to VRF lite feature in physical networks in the following ways: Just like there is no need of another physical router for a separate routing instance using VRF lite feature, there is no need to deploy additional edges in case of NSX-T VRF gateways. This drastically reduces the … Continue reading NSX-T VRF Gateway

NSX-T Federation – Active Active Data Centers

21 Aug 202022 Aug 2020 by Farhan Patel, posted in nsx-t

NSX-T Federation - Active Active Data Centers This blog covers NSX-T Federation feature which allows L2 stretching between Data Centers as well as supports micro segmentation for workloads based on security tags. Earlier blogs covered NSX-T Federation with a single Tier 0 stretched Gateway. Here we explore how two Tier 0 Gateways can … Continue reading NSX-T Federation – Active Active Data Centers

NSX-V to NSX-T Migration using Layer 2 Bridging

27 Jun 202023 May 2022 by Farhan Patel, posted in nsx-t, VMware NSX

NSX-V to NSX-T Migration using Layer 2 Bridging This blog will explore how we can migrate workloads which are on hosts prepared for NSX-V to hosts prepared for NSX-T using NSX-T Layer 2 Bridging. Cluster Setup In the lab setup, four hosts ESXi 1 up to 4 are prepared for NSX-T and the remaining … Continue reading NSX-V to NSX-T Migration using Layer 2 Bridging