VMware NSX Microsegmentation – Securing Collapsed Architectures

VMware NSX Microsegmentation - Securing Collapsed Architectures As depicted in above topology, NSX-V Distributed Firewall feature is enabled. And as shown in figure above, firewall is effectively applied at each vNic of virtual machine. In this topology: BGP is used as routing protocoliBGP is used within NSXeBGP is used between NSX edges and the physical … Continue reading VMware NSX Microsegmentation – Securing Collapsed Architectures

Cross Vcenter NSX with BGP

We have covered cross vcenter NSX with OSPF previously.Here we cover cross vcenter NSX with BGP.In this above topology: There are two vcenters, one in the primary site and the other in DR site.Primary NSX manager is deployed in primary site.Secondary NSX manager is deployed in DR site.Primary NSX manager is linked with vcenter in … Continue reading Cross Vcenter NSX with BGP

Cross Vcenter NSX with OSPF

References: Cross Vcenter NSX Design Guide https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/products/nsx/vmware-multi-site-solutions-cross-vcenter-nsx-design-guide.pdf Intra area routes versus inter area routes https://blog.ipspace.net/2008/01/e1-and-e2-routes-in-ospf.html In one of the earlier posts, we have covered running OSPF in NSX domain. Here we try to cover running OSPF in a Cross Vcenter NSX setup. In the above topology: 1. There are two NSX managers. Primary NSX manager … Continue reading Cross Vcenter NSX with OSPF

Vrealize Network Insight 3.8 Installation

References:   VRNI Architecture: https://blogs.vmware.com/management/2016/10/vrealize-network-insight-3-1-scalability.html   Installation Guide: https://docs.vmware.com/en/VMware-vRealize-Network-Insight/3.8/vRealize-Network-Insight-Installation-Guide.pdf   This installation is broken down into two parts: - One for platform & - The other for Collector aka Proxy. During the deployment of OVA for Platform & Proxy, you will use Thin Provision as the virtual disk format. 1. The first step with regards … Continue reading Vrealize Network Insight 3.8 Installation

NSX Edge Load Balancer – One Arm Mode

In the topology above, NSX edge load balancer is deployed in one arm mode. NSX edge load balancer has a single layer 3 interface which is connected to Distributed Logical Router via a logical switch. This logical switch is dedicated for Load Balancing Tier. There is also a Web Tier hosting web servers and these … Continue reading NSX Edge Load Balancer – One Arm Mode

OSPF Routing Protocol in NSX

OSPF NSX         The above topology illustrates OSPF Totally NSSA setup in NSX domain.   Distributed logical router is handling east-west traffic within the data center while the edges E1 and E2 are handling north-south traffic.   Edges E1 and E2 are configured in ECMP mode which allows more bandwidth to flow … Continue reading OSPF Routing Protocol in NSX

Usage of VXLAN and VXLAN traffic flow

Traditionally, VLANs / Virtual LANs have been used to segment broadcast domains. Such segmentation has been beneficial due to numerous benefits: Smaller broadcast domains means fewer hosts that will process broadcasts from other hosts. This also saves CPU and memory of all involved devices in a broadcast domain. These VLANs are nowadys being replaced by … Continue reading Usage of VXLAN and VXLAN traffic flow

VMWare NSX Distributed Firewall

We tried to cover VXLAN and VXLAN traffic flow earlier. Every solution has three main components to it - Management, Control and Data Plane. NSX Manager is the management component of VMware NSX solution We now try to know more about Data Plane components of NSX. Data Plane of NSX has: ·         Logical Switch ·         … Continue reading VMWare NSX Distributed Firewall