The NSX Edge can be configured to provide site-to-site VPN connectivity using IPsec. If you’;re not familiar with IPsec, I suggest having a read up on that first. As IPsec is a standard, information already published will be transferable. An NSX Edge can connect to any other device that supports IPsec. If a peer is not an NSX Edge, you need to verify that it will be compatible. The NSX Edge supports the following.

Today I took a shot at the VCP6-NV exam. Leading up to the exam I was feeling good. Through my head, I could run through packet flows, the security types. I knew how to put the pieces together and make NSX work. Even could recall those trivia details that after an exam we always just end up googling when building a design. Let’;s start on the positive, what went right. A large part of my NSX based questions revolved around behaviour and steps.

The Logical Router (Distributed Logical Router) is installed on ESXi hosts as a VIB by the NSX manager during host preparation. The installation does not require any interruption to ESXi hosts. Removal of the VIB does require a host restart though. The DLR runs in kernel space and sits on the data plane. A Logical Router is defined as an instance. Each DLR created is an instance and participating hosts receive a copy of the instance.

Whenever evaluating a product / technology, the question of “What problem does this solve?” should always be asked. Many times. This is how we understand the value and justify the expense, which can be very substantial. With that in mind, lets jump into some NSX Use Cases. Security NSX has a lot of features and capabilities, but security is probably the biggest draw card, especially micro-segmentation. In a traditional network, it’s very difficult and cumbersome to segregate workloads on the same L2 domain.

Switching: NSX switching resides on the data plane and utilises VMware vDS. Logical Switches are port groups on a vDS that are used for VXLAN traffic. Distributed port groups can also be used, but only for VLAN traffic. Routing: Distributed routing, enabling routing to take place in kernel, without the need for traffic to enter the physical network. Dynamic routing is supported with OSPF, BGP and ISIS. Active / Active routing failover with physical routing.

Let’s crack open a can of acronym soup, because NSX is full of them. Seriously, typing about NSX makes my pinky fingers real shift workers. Software Defined Networking (SDN): Software-defined anything refers to decoupling the management from physical architecture. SDN is moving the management and configuration of the Datacentre Network away from the physical devices (underlay) to a central platform (overlay). Network Edge: In NSX the Edge (or NSX Edge) is the point where traffic leaves NSX network to traverse another (Typically physical) network.

Theory of Design is a new series for the vBrownBag APAC podcast. Intended to take a vendor agnostic look at design practices and principals. The series will provide the tools needed to assess, build and communicate solutions regardless of the vendor or product classification. The series will cover a number of topics (listed in more detail below), covering areas such as; capacity planning, client engagement, and risks. I am looking for presenters with experience in designing solutions and project delivery, not only from a technology perspective but also a business perspective.

 Before we go through my experience with VMUG over the last 12 months, it’s probably a good idea to cover what VMUG is. VMUG is a community for VMware Users and Partners, which has a large focus on providing education, events and a community for it’s members. There are a lot of regional VMUGs around the world for people to join. Each VMUG is locally run, so meeting frequency and formats are likely to vary.