Part-1 VMware NSX – Network & Security Virtualization

In this series of blogs we will cover the architectural components of VMware NSX. VMware NSX is a Software Defined Network Virtualization and Security solution offered by VMware to support Virtual Machines and cloud native applications on-premises as well as in VMware's cloud hosted in hyperscaler environments.

VMware NSX provides a complete set of Networking services such as Routing, Switching, Firewalling, Load Balancing and QoS. In this blog we will cover the NSX Architecture Components, and in the following blogs we will talk about each of these services in detail.

A typical Production NSX deployment comprises NSX Manager Appliances and Transport Nodes. The following Planes run across these 2 types of Nodes:

Management Plane: The Management Plane resides inside the NSX Manager Appliances. It is responsible for storing the desired configuration in a database that is replicated across the 3 NSX Manager Appliances, which run as 3 Virtual Machines.

The Management Plane also provides the User Interface and is the entry point for programmatic users.

Control Plane: The Control Plane resides inside an NSX Controller element, which in the latest releases of NSX also resides inside the NSX Manager Appliances. In earlier releases of NSX, the NSX Controllers resided in separate Virtual Machines. The Control Plane is responsible for pushing the configuration entered by the user through the UI or APIs to the Data Plane.

The Management Plane and Control Plane are bundled in a virtual machine called the NSX Manager Appliance. For Production deployments, the NSX Manager Appliance is deployed as a cluster of 3 Appliances to ensure High Availability.

Data Plane: The Data Plane is responsible for performing stateless packet forwarding, and user data passes through it. The Data Plane comprises Transport Nodes, which can be an ESXi Host, an Edge VM or a Bare Metal Server. KVM hosts were supported in earlier NSX releases; however, with the latest release of NSX, KVM Hosts are no longer supported as a Transport Node.

Transport Nodes: A Transport Node is a Node that has been prepared for NSX and runs the local control plane daemon and the forwarding engines that implement the NSX Data Plane. A Transport Node can be an Edge VM, an ESXi Host or a Bare Metal Server.

Edge Transport Node: NSX Edge Transport Nodes are service appliances dedicated to running centralized network services that cannot be distributed to the hypervisors, such as North/South routing, load balancing, DHCP, VPN, NAT, etc. They can be instantiated as a bare metal appliance or in virtual machine form factor. They are grouped in one or several clusters, and each cluster represents a pool of capacity.

Host Transport Node: Host Transport Nodes are ESXi Hypervisors that run the distributed Network services. NSX used to support KVM as a Host Transport Node as well, but in the latest releases support for KVM as a Host Transport Node has been withdrawn.

In the next blog, we will talk about the Distributed Routing in VMware NSX.

I hope this blog was informative for you, stay tuned for our upcoming blogs. Happy Learning!!
