VMware NSX: Architecture Components and Distributed Routing
In this series of blogs, we will delve into the architectural components of VMware NSX, a software-defined network virtualization and security solution offered by VMware. In our previous blog, we discussed the different types of nodes that make up a typical production NSX deployment, including NSX Manager appliances and transport nodes. In this blog, we will focus on the management plane, control plane, data plane, and distributed routing in VMware NSX.
Management Plane
The management plane is responsible for storing the desired network configuration inside a database that is replicated across three NSX Manager appliances, which run as virtual machines. The management plane also acts as the user interface and entry point for programmatic users. It is bundled in a virtual machine called the NSX Manager Appliance, which is clustered into three appliances for production deployments to ensure high availability.
Control Plane
The control plane resides inside an NSX Controller element, which in the latest releases of NSX runs inside the NSX Manager appliances. In earlier releases of NSX, NSX Controllers resided in separate virtual machines. The control plane is responsible for pushing the configuration that the user enters through the UI or APIs to the data plane.
Data Plane
The data plane is responsible for performing stateless packet forwarding; it is the plane that user data passes through. The data plane comprises transport nodes that can be ESXi hosts, edge VMs, or bare metal servers. In the latest releases of NSX, support for KVM hosts as transport nodes has been withdrawn.
Transport Nodes
A transport node is a node prepared for NSX that runs the local control plane daemon and the forwarding engines implementing the NSX data plane. A transport node can be an edge VM, ESXi host, or bare metal server. Edge transport nodes are service appliances dedicated to running centralized network services that cannot be distributed to the hypervisors, such as north/south routing, load balancing, DHCP, VPN, and NAT. They can be instantiated as a bare metal appliance or in virtual machine form factor.
Distributed Routing
In the next blog, we will discuss distributed routing in VMware NSX. Distributed routing is a critical component of NSX that enables network services to be distributed across multiple transport nodes, providing scalability and high availability. We will delve into how NSX uses a combination of centralized and distributed routing techniques to optimize network performance and security.
Conclusion
In conclusion, VMware NSX is a powerful software-defined network virtualization and security solution that provides a complete set of networking services like routing, switching, firewalling, load balancing, and QoS. Understanding the architectural components of NSX, such as the management plane, control plane, data plane, and transport nodes, is essential for deploying and managing NSX in production environments. In our upcoming blogs, we will explore each of these components in more detail and discuss how they work together to provide a highly scalable and secure network infrastructure for virtual machines and cloud-native applications.