VMUG St Louis - SDN in the Real World

Date post: 18-Jul-2015
Upload: chris-wahl
Transcript

Who is Chris Wahl?
• VMware Certified Design Expert (VCDX) #104
  ▫ Data Center and Network Virtualization
• Tech, Lab, Certs, Reviews, Videos
  ▫ WahlNetwork.com
• Pluralsight Author (formerly TrainSignal)
  ▫ Upgrading your vSphere Environment
  ▫ CCNA Data Center (640-911 & 640-916)
  ▫ vCloud Director 5.1

Networking for VMware Administrators
Paperback, Kindle, eBook, EPUB, MOBI, PDF
100% of my profits go to Alzheimer’s Association

Social Media

Will the slides be available?

Software Defined Networking

VXLAN

Important Data

Give to NVS

Lookup and Encapsulate

Send Encapsulated Frame - Underlay

Remove Encapsulation

Deliver to VM

Frame Received!

NSX Implementation

It can be daunting
• Networking
• Security
• Virtualization
• Infrastructure
• Operations
• Scripting

Building NSX

• NSX Manager
  ▫ Provided as an OVA file
  ▫ Connects to vCenter Server
  ▫ Provides overall management
  ▫ RESTful API endpoint

Building NSX
• Distributed control plane
• Slicing of VXLAN
• MAC, ARP, and VTEP tables
• 3+ suggested for quorum

Preparing Hosts
• Kernel modules
  ▫ DLR – Distributed Logical Router
  ▫ DFW – Distributed Firewall
• VXLAN interface

Network Services

Distributed Logical Switching
• Funky name
  ▫ Looks like port groups on your VDS
• Way more than port groups
  ▫ Each host becomes a FedEx hub
  ▫ DLS traffic is encapsulated by the VTEP

[Diagram: Distributed Logical Switching. Labels: Network Fabric, Transport VLAN(s), four ESXi hosts, VMs]

Distributed Logical Routing
• ESXi hosts form “one giant router”
• Each host acts as the SVI

[Diagram: two ESXi hosts, each with a VM, connected by the Transport VLAN]

Distributed Firewall
• Works with any type of port group
• Does not require VXLAN
• Applied on the virtual NIC in the VM

[Diagram: VDS with a Port Group, VM dvport, FW, and Uplinks vmnic0 and vmnic1]

Use Cases

Distributed Logical Router: Disaster Recovery / Testing

[Diagram, two slides: Web, App, DB, and Utility tiers of VMs, each tier labeled .1; the first slide also carries the label .2.1, the second an X]

End User Compute
• Stateful firewall
  ▫ Based on logged on user or other metadata

[Diagram labels: X, OK]

Network Automation
• Cloud Management Platforms
  ▫ “CMPs”
  ▫ The way forward for hybrid cloud
• Integration points
  ▫ OpenStack
  ▫ vRealize Automation
  ▫ Config Management (Puppet)
• Use of RESTful APIs

Infrastructure as Code
Head to https://github.com/WahlNetwork

Example blueprint actions

• User picks blueprint
• Answer IaaS questions
• Approvals
• Provisioning kickoff

Send to vCO
• Call scripts
• Wait for return value
• Build out LS, attach to LR

Send back to CMP
• Return success
• Attach VMs to LS
• Pull IP from IPAM
• Handoff to config mgmt

Complete

Thank you for a great session!
For more goodies, check out these resources:

Visit WahlNetwork.com for Deep Dives, Home Lab Tips, Reviews, and More!

Check out “Networking for VMware Administrators” by VMware Press

Over 30 hours of my video training content is on Pluralsight.com

Nearly 100 free HD videos on the WahlNetwork YouTube Channel

