NSX-T

NSX-T 3.0 Series:Part 3- Transport Zones & Transport Node Profiles

Manish Jha

In last post of this series, we learnt about uplink profiles and some design considerations about how to configure them. In this post we will learn about Transport Zones and Transport Node Profiles and I walk through steps of configuring the same.

If you have landed directly on this post by mistake, I would recommend reading previous articles from this blog series:

1: NSX-T Management & Control Plane Setup

2: Uplink Profiles in NSX-T

Let’s get started.

What is Transport Zone?

A transport zone is a logical container which controls which Hosts/VM’s can participate in a particular network by limiting what logical switches that a host can see. 

Segments aka logical switches when created, are attached to a transport zone. One logical switch can only be attached to one transport zone. So the host/cluster which is part of X transport zone where Y logical segment is attached, will be able to see those segments. Read More

NSX-T 3.0 Series:Part 2-Uplink Profiles

Manish Jha

In first post of this series, we learnt how to deploy NSX-T managers to form the management & control plane. In this post we will learn about uplink profiles and their use cases.

What is uplink Profile?

An uplink profile defines policies for the links from hypervisor hosts to NSX-T logical switches or from NSX Edge nodes to top-of-rack switches.

Uplink profiles allow you to consistently configure identical capabilities for network adapters across multiple hosts or nodes.

What settings we define on uplink profile?

The settings defined by uplink profiles include teaming policies, active/standby links, transport VLAN ID (ESXi TEP VLAN) and the MTU setting.

Before diving deep into uplink profiles, lets first discuss about various teaming policies that are available with uplink profiles. 

There are 3 teaming policies that can be configured while creating an uplink profile:

  • Failover Order: In this policy we specify one active uplink and one standby uplink.
Read More

NSX-T 3.0 Series:Part 1-Management & Control Plane Setup

Manish Jha

NSX-T, since its birth has gained a lot of momentum in just couple of years and can be easily considered as VMware’s next generation product for multi-hypervisor environments, container deployments, and native workloads running in public cloud environments. NSX-T truly provides a scalable network virtualization and micro-segmentation platform.

This blog series is focussed more on implementation of NSX-T, rather than theoretical concepts. If you are new to NSX-T, I would highly recommend reading VMware’s official documentation

The first post of this series is focussed on deploying NSX-T Managers, which forms management & control plane setup, so its a good idea to have understanding of NSX-T Architecture before going ahead.

NSX-T manager can be deployed in following form factors:

nsx-t form factor

Note: Current version of NSX-T is 3.0.1 and can be downloaded from Here

In my lab I have a 4 node vSAN cluster and vSphere 7 installed. All my hosts are equipped with 2 10 physical NIC’s.Read More

VMware Cloud Director-What’s New-NSX-T UI Enhancements

Manish Jha

With the release of VMware Cloud Director (Previously vCloud Director), a lot of NSX-T related UI enhancements are added. In this post I will walk through some of them.

Dedicated External Networks

With Cloud Director 10.1, an edge gateway can be provisioned with a dedicated external network. In this configuration, there is a one-to-one relationship between the external network and the edge gateway, and no other edge gateways can connect to this external network.

Note: Provider creates a T0 gateway within NSX-T and add it to Cloud Director as an external network. Once T0 is added, provider could convert an existing org gateway (T1) to this new dedicated T0, or create a new org gateway with Dedicated External Network option selected.

vCD-NSX-06

BGP and Route Advertisement

BGP peering  & Route Advertisement functionalities are added on Edge Gateway UI.

Route Advertisement

You can decide which of the network subnets that are attached to org gateway will be advertised to the dedicated external network.Read More

Learning NSX-T-Part 10: Logical Routing

Manish Jha

In last post of this series we created logical switches and established communication between the App and Web VM which were on same subnet and connected to same logical switch. In this post we will learn about logical routing.

If you are not following along this series, then I recommend reading earlier posts of this series from below links:

1: Introduction to NSX-T

2: NSX-T Architecture

3: NSX Manager Deployment

4: NSX Controllers Automated Deployment

5: NSX Controllers Manual Deployment

6: Prepare Esxi host to form NSX-T Fabric

7: Configuring Uplink Profile

8: Configuring Transport Zone and Transport Nodes

9: Creating Logical Switches and Testing Connectivity

Optimal routing is one of the biggest challenges in any datacenter and NSX revolutionized the way how networking was used in infrastructure. 

NSX-v offered distributed routing to SDDC and because of this routing between different subnets on a Esxi hypervisor can be done in kernel and traffic never has to leave the hypervisor and thus eliminating the traffic hairpinning problems.Read More

Learning NSX-T-Part 9:Creating Logical Switches and Testing Connectivity

Manish Jha

In last post of this series we configured transport zones and transport nodes. We discussed about the modes of transport zone and also touch based on N-VDS. In this post we will learn how to create logical switches in NSX-T and we will test connectivity between vm’s attached to same logical switch.

If you are not following along this series, then I recommend reading earlier posts of this series from below links:

1: Introduction to NSX-T

2: NSX-T Architecture

3: NSX Manager Deployment

4: NSX Controllers Automated Deployment

5: NSX Controllers Manual Deployment

6: Prepare Esxi host to form NSX-T Fabric

7: Configuring Uplink Profile

8: Configuring Transport Zone and Transport Nodes

Logical switch provides layer 2 connectivity for the virtual machines that are attached to the it. In last post we discussed that transport zones are of two types (Overlay and VLAN) and the type of logical switch is based on to which type of transport zone it connects to. Read More

Learning NSX-T-Part 8:Configuring Transport Zone and Transport Nodes

Manish Jha

In last post of this series we discussed about Uplink profiles. In this post we will learning about transport zones and its types.

If you are not following along this series, then I recommend reading earlier posts of this series from below links:

1: Introduction to NSX-T

2: NSX-T Architecture

3: NSX Manager Deployment

4: NSX Controllers Automated Deployment

5: NSX Controllers Manual Deployment

6: Prepare Esxi host to form NSX-T Fabric

7: Configuring Uplink Profile

What is transport zone in NSX-T?

As per vmware documentation

A transport zone is a container that defines the potential reach of transport nodes. Transport nodes are hypervisor hosts and NSX Edges that will participate in an NSX-T overlay.

What is meant by above is that if two or more Esxi hosts that are configured as transport nodes participate in the same transport zone, then VMs on these different hosts using the overlay network can communicate with each other.Read More

Learning NSX-T-Part 7:Configuring Uplink Profile

Manish Jha

In last post of this series we prepared the Esxi host for NSX-T and we ensured that host connection to NSX manager was up and all necessary vib’s have been pushed on hosts. In this post we will learn about uplink profile.

If you are not following along this series, then I recommend reading earlier posts of this series from below links:

1: Introduction to NSX-T

2: NSX-T Architecture

3: NSX Manager Deployment

4: NSX Controllers Automated Deployment

5: NSX Controllers Manual Deployment

6: Prepare Esxi host to form NSX-T Fabric

What is Uplink profile in NSX-T?

From VMware documentation:

An uplink profile defines policies for the links from hypervisor hosts to NSX-T logical switches or from NSX Edge nodes to top-of-rack switches.

Confused? All right lets simplify it a bit.

Uplink profile is pretty much similar to specifying the teaming policy when you enable VXLAN on Esxi host in NSX-v.… Read More

Learning NSX-T-Part 6: Host Preparation and forming NSX-T Fabric

Manish Jha

In last 2 post of this series, we discussed the automated and manual deployment of NSX controllers and how to form controller cluster. In this post we will learn how to do host preparation for NSX-T.

If you are not following along this series, then I recommend reading earlier posts of this series from below links:

1: Introduction to NSX-T

2: NSX-T Architecture

3: NSX Manager Deployment

4: NSX Controllers Automated Deployment

5: NSX Controllers Manual Deployment

When we do host preparation, NSX-T pushes few vibs on the Esxi host (just like NSX-v) and once the hosts are prepared they are known as fabric nodes. All Esxi host that are fabric nodes have NSX-T modules installed and are registered with the NSX-T management plane.

Before jumping into host preparation task, ensure that  install-upgrade service status on NSX-T manager is reporting as running. If this service is down, NSX manager won’t be able to push the vibs onto the ESXi hosts when we add them in the fabric.Read More

Learning NSX-T-Part 5: NSX Controllers Manual Deployment & Clustering

Manish Jha

In last post of this series, we learnt how to deploy NSX-T controllers automatically via NSX manager and we saw its pretty much same as deploying controllers in a NSX-V environment. 

In this post we will learn how to deploy the NSX controllers manually. 

If you are not following along this series, then I recommend reading earlier posts of this series from below links:

1: Introduction to NSX-T

2: NSX-T Architecture

3: NSX Manager Deployment

4: NSX Controllers Automated Deployment

Manual steps are a bit lengthy and complex so we have to be careful with the sequence of commands which we will be running to form controllers cluster. Before deploying the controller nodes, make sure following prerequisites are met:

  • vCenter Server and ESXi hosts are deployed.
  • Esxi hosts have been added to vCenter and networking and storage configuration on hosts are in place. 
  • NSX Manager is deployed.
  • ESXi host must have enough CPU, memory, and hard disk resources to support controller deployment.
Read More