VMware NSXPacket Pushers Podcast
Logical Topologies & Traffic Flows
VM10.1.1.0 /24Web Tier
VM
VM10.1.2.0 /24App Tier
VM
VM10.1.3.0 /24Data Tier
VM
NSX LB (VM)
Data Center
DMZ
VMware NSX domain
NSX Edge
NSX Edge
Edge hosts
Compute hosts
NSX Distributed Router & Firewall
VXLANs
VLANs
(Hypervisor kernel)
DRS/HAFW, NAT, LB, VPN, RoutingMulti-service Edge (VM)
High Throughput / CPS
N-Tier Application
NSX Logical Topologyw/ One-arm LB
NSX Edge
VM10.1.1.0 /24Web Tier
VM
VM10.1.2.0 /24App Tier
VM
VM10.1.3.0 /24Data Tier
VM
Data Center
DMZ
VMware NSX domain
DRS/HANSX Edge
Edge hosts
Compute hosts
NSX Distributed Router & Firewall
FW, NAT, LB, VPN, Routing
VXLANs
VLANs
(Hypervisor kernel)
Multi-service Edge (VM)
N-Tier Application
High Throughput / CPS
NSX Logical Topologyw/ Inline LB
L2/L3 Core
L2 Switch
Server 1
VM10.1.1.0 /24
Web Tier
VM10.1.2.0 /24
App Tier
Before NSX With NSX
vswitch
VM10.1.1.0 /24
Web Tier
VM10.1.2.0 /24
App Tier
vswitchNSX
Distributed Logical Routing
4 wire hops 0 wire hops
L2 Switch L2 Switch L2 Switch
L2/L3 Core
Server 1
East-West Layer 3 RoutingSame Host
VM10.1.1.0 /24
Web Tier
VM10.1.2.0 /24
App Tier
VM10.1.1.0 /24
Web Tier
VM10.1.2.0 /24
App Tier
Before NSX With NSX
4 wire hops 2 wire hops
NSX
Distributed Logical Routing
L2/L3 Core
L2 Switch
Server 1
L2 Switch L2 Switch L2 Switch
L2/L3 Core
Server 1Server 2 Server 2
vswitch vswitchvswitch vswitch
East-West Layer 3 RoutingHost to Host
VM10.1.1.0 /24
Web Tier
VM10.1.2.0 /24
App Tier
Before NSX With NSX
6 wire hops
VM10.1.1.0 /24
Web Tier
VM10.1.2.0 /24
App Tier
NSX
0 wire hops
Distributed Virtual Firewall
FW
L2/L3 Core
L2 Switch
Server 1vswitch vswitch
L2 Switch L2 Switch L2 Switch
L2/L3 Core
Server 1
East-West FirewallingSame Host
VM10.1.1.0 /24
Web Tier
VM10.1.2.0 /24
App Tier
VM10.1.1.0 /24
Web Tier
VM10.1.2.0 /24
App Tier
Before NSX With NSX
6 wire hops 2 wire hops
NSX
Distributed Virtual Firewall
FW
L2/L3 Core
L2 Switch
Server 1
L2 Switch L2 Switch L2 Switch
L2/L3 Core
Server 1Server 2 Server 2
vswitch vswitchvswitch vswitch
East-West FirewallingHost to Host
Data Center Data Center
L2/L3 Core
VM10.1.1.0 /24
Web Tier
VM10.1.2.0 /24
App Tier
Before NSX With NSX
5 wire hops
NSXEdge VM
10.1.2.0 /24App Tier
VM10.1.1.0 /24
Web Tier
13 wire hops
Application provisioning domain
FW
LB
VXLANDMZVLAN
VXLANVXLAN NSXvswitch
Compute Host 1
FW/LB
NSX Edge 1
L2/L3 Core
L2 Switch
Compute Host 1
L2 Switch L2 Switch L2 Switch
North-South & East-West Traffic FlowSame Host / Inline LB
Data Center Data Center
VM10.1.1.0 /24
Web Tier
VM10.1.2.0 /24
App Tier
Before NSX With NSX
5 wire hops
NSXEdge VM
10.1.2.0 /24App Tier
VM10.1.1.0 /24
Web Tier
13 wire hops
Application provisioning domain
Application provisioning domain
FW
LB
VXLANDMZVLAN
VXLANVXLAN NSX
NSX LB
vswitch
NSX Edge 1 Compute Host 1Compute Host 1
L2/L3 Core L2/L3 Core
L2 Switch L2 Switch L2 Switch L2 Switch
North-South & East-West Traffic FlowSame Host / One-arm LB
Data Center Data Center
VM10.1.1.0 /24
Web Tier
VM10.1.2.0 /24
App Tier
Before NSX With NSX
7 wire hops
NSXEdge VM
10.1.2.0 /24App Tier
VM10.1.1.0 /24
Web Tier
13 wire hops
Application provisioning domain
Compute Host 1 Compute Host 2
FW
LB
VXLANDMZVLAN
VXLANVXLAN NSXvswitchvswitch
FW/LB
Compute Host 2NSX Edge 1 Compute Host 1
L2/L3 Core L2/L3 Core
L2 Switch L2 Switch L2 Switch L2 Switch
North-South & East-West Traffic FlowMulti Host / Inline LB
Data Center Data Center
VM10.1.1.0 /24
Web Tier
VM10.1.2.0 /24
App Tier
North-South & East-West Traffic Flow
Before NSX With NSX
7 wire hops
NSXEdge VM
10.1.2.0 /24App Tier
VM10.1.1.0 /24
Web Tier
13 wire hops
Application provisioning domain
Application provisioning domain
Compute Host 1 Compute Host 2
FW
LB
VXLANDMZVLAN
VXLANVXLAN NSXvswitchvswitch
NSX LB
Compute Host 2NSX Edge 1 Compute Host 1
L2/L3 Core L2/L3 Core
L2 Switch L2 Switch L2 Switch L2 Switch
Multi Host / One-arm LB