Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Learning VMware NSX, Second Edition

You're reading from   Learning VMware NSX, Second Edition Next-generation network administration skills revealed

Arrow left icon
Product type Paperback
Published in Aug 2017
Publisher Packt
ISBN-13 9781788398985
Length 254 pages
Edition 2nd Edition
Concepts
Arrow right icon
Author (1):
Arrow left icon
Ranjit Singh Thakurratan Ranjit Singh Thakurratan
Author Profile Icon Ranjit Singh Thakurratan
Ranjit Singh Thakurratan
Arrow right icon
View More author details
Toc

Table of Contents (10) Chapters Close

Preface 1. Introduction to Network Virtualization FREE CHAPTER 2. NSX Core Components 3. NSX Installation and Configuration 4. NSX Functional Services 5. Edge Services Gateway 6. Service Composer 7. Monitoring 8. Managing NSX 9. Conclusion

NSX features and services

Before we get started with NSX, it is important to understand some of its features and services.

NSX 6.2 is the current NSX version as of this writing.

Some NSX features are listed as follows. We will discuss these features in great detail in the following chapters:

  • Logical switching: NSX allows the ability to create L2 and L3 logical switching that enables workload isolation and separation of IP address space between logical networks. NSX can create logical broadcast domains in the virtual space that prevent the need to create any logical networks on the physical switches. This means you are no longer limited to 4096 physical broadcast domains (VLANS).
  • NSX gateway services: The Edge gateway services interconnect your logical networks with your physical networks. This means a virtual machine connected to a logical network can send and receive traffic directly to your physical network through the gateway.
  • Logical routing: Multiple virtual broadcast domains (logical networks) can be created using NSX. As multiple virtual machines subscribe to these domains, it becomes important to be able to route traffic from one logical switch to another. Logical routing helps achieve this by routing traffic between logical switches, or even between a logical switch and public networks. Logical routing can be extended to perform east-west routing that saves unnecessary network hops, increasing network efficiency. Logical routers can also provide north-south connectivity allowing access to workloads living in the physical networks. Logical routers also help avoid hairpinning of traffic, thereby increasing network efficiency.
East-west traffic is traffic between virtual machines within a datacenter. In the current context, this typically will be traffic between logical switches in a VMware environment.
North-south traffic is traffic moving in and out of your datacenter. This is any traffic that either enters your datacenter or leaves your datacenter.
  • Logical firewall: NSX allows you the option of a distributed logical firewall or an Edge firewall for use within your software-defined networking architecture. A distributed logical firewall allows you to build rules based on attributes that include not just IP addresses and VLANs, but also virtual machine names and vCenter objects. The Edge gateway features a firewall service that can be used to impose security and access restrictions on north-south traffic.
  • Extensibility: There are third-party VMware partner solutions to integrate directly into the NSX platform that allow a vendor choice in multiple service offerings. There are many VMware partners who offer solutions such as traffic monitoring, IDS, and application firewall services that can integrate directly into NSX. This enhances management and end user experience by having one management system to work with.

The features listed earlier enable NSX to offer a wide variety of services that can be consumed in your infrastructure. These services can be deployed and configured by the NSX API as well. Some of the NSX services are listed as follows:

  • Load balancer: NSX Edge offers a variety of services and the logical load balancer is one of them. The logical load balancer distributes incoming requests among multiple servers to allow for load distribution while abstracting this functionality from end users. The logical load balancer can also be used as a high availability (HA) mechanism to ensure your application has the most uptime.
  • Virtual private networks (VPN): The NSX Edge offers the VPN service that allows you to provision secure encrypted connectivity for end users to your applications and workloads. Edge VPN service offers SSL-VPN plus it allows for user access and IPSEC site-to-site connectivity, which enables two sites to be interconnected securely.
  • Dynamic Host Configuration Protocol (DHCP): NSX Edge offers DHCP services that allow IP address pooling, and also static IP assignments. An administrator can now rely on the DHCP service to manage all IP addresses in your environment, rather than having to maintain a separate DHCP service. The DHCP service can also relay DHCP requests to your existing DHCP server as well. The NSX Edge DHCP service can relay any DHCP requests generated from your virtual machines to a pre-existing physical or virtual DHCP server, without any interruptions.
  • Domain name system (DNS): NSX Edge offers a DNS relay service that can relay any DNS requests to an external DNS server.
  • Service composer: The service composer allows you to allocate network and multiple security services to security groups. Virtual machines that are part of these security groups are automatically allocated the services.
  • Data security: NSX data security provides visibility into sensitive data, ensures data protection, and reports back on any compliance violations. A data security scan on designated virtual machines allows NSX to analyze and report back on any violations based on the security policy that applies to these virtual machines.

Other NSX features include cross-vCenter networking and security, which allow you to manage multiple vCenter NSX environments using a primary NSX manager. This not only allows centralized management, but also extends one or more services and features across multiple vCenter environments. We will talk more about cross vCenter networking in the upcoming chapters.

You have been reading a chapter from
Learning VMware NSX, Second Edition - Second Edition
Published in: Aug 2017
Publisher: Packt
ISBN-13: 9781788398985
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image