NSX-T Routing References: NSX-T Reference Design Before we discuss the routing part, it is essential to cover key topics related to NSX-T 1. N-VDS 2. Transport Zone 3. Compute Host Transport Nodes 4. Edge Transport Nodes 1. N-VDS Is responsible for switching packets and is responsible for forwarding traffic between VMs or between VMs and … Continue reading NSX-T Routing
Category: VMware NSX
NSX-T 2.4 Manager and Controllers Installation
NSX-T 2.4 Manager and Controllers Installation Resources: NSX-T Data Center Installation Guide https://docs.vmware.com/en/VMware-NSX-T-Data-Center/2.4/installation/GUID-3E0C4CEC-D593-4395-84C4-150CD6285963.html You need to go through the NSX-T Data Center Installation guide. https://docs.vmware.com/en/VMware-NSX-T-Data-Center/2.4/installation/GUID-3E0C4CEC-D593-4395-84C4-150CD6285963.html The first thing to do while installing NSX-T 2.4 unified appliance is to download the appropriate OVF file from VMware portal. Next, verify the checksum and make sure the file … Continue reading NSX-T 2.4 Manager and Controllers Installation
Troubleshooting Distributed Firewall in NSX-V – How to check firewall rules for a VM
Troubleshooting Distributed Firewall in NSX-V Blog reference: https://docs.vmware.com/en/VMware-NSX-Data-Center-for-vSphere/6.4/com.vmware.nsx.troubleshooting.doc/GUID-20234847-3E7A-4FE8-AEE1-31FFB3652481.html In my earlier post on Microsegmentation, we referenced the below topology and we put the workloads for different tiers - Web, App and DB on the same NSX Logical Switch.With NSX micro segmentation, firewall is applied at vnic level of each virtual machine. Topology Below firewall rules … Continue reading Troubleshooting Distributed Firewall in NSX-V – How to check firewall rules for a VM
Cross Vcenter NSX using Local Egress (Active-Active)
Cross Vcenter NSX using Local Egress The above topology has been used for the purpose of this lab. In this blog post, we are going to cover Active Active Cross Vcenter NSX.BGP is used as a routing protocol in this setup above.And appropriate BGP peerings have been illustrated in topology above.We are using eBGP between … Continue reading Cross Vcenter NSX using Local Egress (Active-Active)
VMware NSX Microsegmentation – Securing Collapsed Architectures
VMware NSX Microsegmentation - Securing Collapsed Architectures As depicted in above topology, NSX-V Distributed Firewall feature is enabled. And as shown in figure above, firewall is effectively applied at each vNic of virtual machine. In this topology: BGP is used as routing protocoliBGP is used within NSXeBGP is used between NSX edges and the physical … Continue reading VMware NSX Microsegmentation – Securing Collapsed Architectures
Cross Vcenter NSX with BGP
We have covered cross vcenter NSX with OSPF previously.Here we cover cross vcenter NSX with BGP.In this above topology: There are two vcenters, one in the primary site and the other in DR site.Primary NSX manager is deployed in primary site.Secondary NSX manager is deployed in DR site.Primary NSX manager is linked with vcenter in … Continue reading Cross Vcenter NSX with BGP
Cross Vcenter NSX with OSPF
References: Cross Vcenter NSX Design Guide https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/products/nsx/vmware-multi-site-solutions-cross-vcenter-nsx-design-guide.pdf Intra area routes versus inter area routes https://blog.ipspace.net/2008/01/e1-and-e2-routes-in-ospf.html In one of the earlier posts, we have covered running OSPF in NSX domain. Here we try to cover running OSPF in a Cross Vcenter NSX setup. In the above topology: 1. There are two NSX managers. Primary NSX manager … Continue reading Cross Vcenter NSX with OSPF
Vrealize Network Insight 3.8 Installation
References: VRNI Architecture: https://blogs.vmware.com/management/2016/10/vrealize-network-insight-3-1-scalability.html Installation Guide: https://docs.vmware.com/en/VMware-vRealize-Network-Insight/3.8/vRealize-Network-Insight-Installation-Guide.pdf This installation is broken down into two parts: - One for platform & - The other for Collector aka Proxy. During the deployment of OVA for Platform & Proxy, you will use Thin Provision as the virtual disk format. 1. The first step with regards … Continue reading Vrealize Network Insight 3.8 Installation
NSX Edge Load Balancer – One Arm Mode
In the topology above, NSX edge load balancer is deployed in one arm mode. NSX edge load balancer has a single layer 3 interface which is connected to Distributed Logical Router via a logical switch. This logical switch is dedicated for Load Balancing Tier. There is also a Web Tier hosting web servers and these … Continue reading NSX Edge Load Balancer – One Arm Mode
OSPF Routing Protocol in NSX
OSPF NSX The above topology illustrates OSPF Totally NSSA setup in NSX domain. Distributed logical router is handling east-west traffic within the data center while the edges E1 and E2 are handling north-south traffic. Edges E1 and E2 are configured in ECMP mode which allows more bandwidth to flow … Continue reading OSPF Routing Protocol in NSX
Networking & Security 