VMworld 2013: NSX: Introducing the World to VMware NSX

NSX: Introducing the World to VMware NSX

Milin Desai, VMware

Sachin Thakkar, VMware

NET5847

#NET5847

Agenda

The Need for Network

Virtualization

VMware NSX Capabilities

VMware NSX Getting started

Operations

NSX Partner Ecosystem

Putting it all Together

Virtualization

VMware NSX: Getting started

Operations

Customers Want …

Resource

Pools Flexible

Zero-trust Security

Micro-Segmentation

Self-Service IT

@ Scale

Elastic Compute

Extensions to

Public Cloud

What needs to happen…

Virtual Machine Data Center Network

Operational Model

Decouple from hardware

Create, Delete, Grow, Shrink

Transparent to application

Programmatic Monitoring

Extensible

Can we run Networks like VMs …

Introducing VMware NSX

Network Virtualization with NSX

L2 Switch L3 Router Firewall Load Balancer

Operational

model of a VM

Hardware

Software

Virtualization

VMware NSX Getting Started

NSX Operations

VMware NSX – Networking & Security Capabilities

Any Application (without modification)

Virtual Networks

VMware NSX

Network Virtualization

Platform

Any Network Hardware

Any Cloud Management Platform

Any Hypervisor

Logical Switching– Layer 2 over Layer 3,

decoupled from the physical network

Logical Routing– Routing between virtual

networks and physical without exiting the

software container

Logical Firewall – Distributed Firewall,

Kernel Integrated, High Performance

Logical Load Balancer – Application Load

Balancing in software

Logical VPN – Site-to-Site & Remote

Access VPN in software

NSX API – RESTful API for integration into

any Cloud Management Platform

Partner Eco-System

VMware NSX Components

Control Plane NSX Controller

Run-time state

• Decouples virtual networks

form physical topology

• Not in Data Path

• Highly Available

Data Plane

NSX Edge

VDS/OVS

Hypervisor Extension Modules

Firewall Distributed

Logical Router VXLAN

NSX vSwitch

• Highly Available VM form factor

• Data Plane for N-S traffic

• Routing and Advanced services

• Intelligent network edge

• Line Rate performance

Management

NSX Manager • Single point of configuration

• REST API and UI interface

• Highly Available

CMP Consumption

• Self Service Portal

• vCAC, vCD, Openstack,

Cloudstack, Custom Portals

Virtualization

VMware NSX: Capabilities

VMware NSX: Getting Started

Operations

Deploying Network Virtualization with VMware NSX

Compute

Leverage existing

Network Infrastructure Any Network Vendor

Any Network Topology

IP Packet Forwarding

Fabric

Compute

Leverage existing

Network Infrastructure Deploy VMware NSX

Virtual Infrastructure

NSX Infrastructure

Demo Simplified one-click deployment:

• Rich integration with vSphere Web Client

• Highly available controller cluster

• Automated in-kernel logical networking / firewalling deployment

• Customizable networking configuration

• Static IP Pools

• Physical network multi-pathing

• Transport Zone - multiple control plane modes

HOL SDC-1303

Compute

Leverage existing

Network Infrastructure

Deploy VMware NSX

NSX Mgmt & Edge Services

Virtual Infrastructure

NSX Infrastructure

Consumption of

Applications

CMP Portal

Self-Service

Programmatic

Virtual

Network Deployment

Logical Networks

NSX supports deployment of complex topologies

Multiple

Networks

Network

DATABASE

WEB APP DATABASE

Automation – Deploy full automation via vCAC, vCD, Openstack or any CMS

VMware NSX Logical Switching

• Per Application/Multi-tenant segmentation

• VM Mobility requires L2 everywhere

• Large L2 Physical Network Sprawl – STP Issues

• HW Memory (MAC, FIB) Table Limits

• Scalable Multi-tenancy across data center

• Enabling L2 over L3 Infrastructure

• Overlay Based with VXLAN, STT, GRE, etc,

• Logical Switches span across Physical Hosts

and Network Switches

Challenges Benefits

LOGICAL SWITCHING –Scale the Network 1000X

Logical Switch 1 Logical Switch 2 Logical Switch 3

Logical Switches NET

Demo Feature rich L2:

• Dynamic Logical Switch Provisioning & Consumption

• Layer 2 bridge to connect physical networks or machines

• Advanced Layer 2 features (i.e. flow based marking / DSCP etc.)

HOL SDC-1303

HOL SDC-1319

VM to VM Routed Traffic Flow

VMware NSX Layer 3 Routing: Distributed, Feature-Rich

• Physical Infrastructure Scale

Challenges – Routing Scale

• VM Mobility is a challenge

• Multi-Tenant Routing Complexity

• Traffic hair-pins

• Distributed Routing in Hypervisor

• Dynamic, API based Configuration

• Full featured – OSPF, BGP, IS-IS

• Logical Router per Tenant

• Routing Peering with Physical Switch

Challenges Benefits

SCALABLE ROUTING – Simplifying Multi-tenancy

Controller Cluster

NSX Manager

Tenant A

Tenant B

L2 Tenant C

Virtual Network – A complete network in software NET

Demo Advanced L3 in Software:

• Fully distributed logical routing for East-West connectivity.

• Dynamic routing protocols (OSPF / BGP / IS-IS)

HOL SDC-1303

NSX Logical Routing: Key Takeaways

One hop accelerated East-West traffic

Dynamic routing protocols configured in software

(OSPF / BGP / IS-IS)

Support multi-tier routing topologies

VMware NSX Firewall: High Performance, Scalable Security

• Centralized Firewall Model

• Static Configuration

• IP Address based Rules

• 40 Gbps per Appliance

• Lack of visibility with encapsulated traffic

• Distributed at Hypervisor Level

• Dynamic, API based Configuration

• VM Name, Identity-based Rules

• Line Rate 15+ Gbps per host

• Full Visibility to encapsulated traffic

Challenges Benefits

PERFORMANCE & SCALE – 1,000+ Hosts 30 Tbps of Firewall

PHYSICAL SECURITY MODEL NSX FIREWALL FOR SDDC

Firewall Mgmt

VMware NSX

Virtual Network – A complete network in software SEC

VMware NSX Load Balancing

• Application Mobility

• Multi-tenancy

• Configuration complexity – manual

deployment model

• On-demand load balancer service

• Simplified deployment model for

applications – one-arm or inline

• Layer 7, SSL, …

Challenges Benefits

LOAD BALANCER – Per Tenant Application Availability Model

Tenant A

VM1 VM2

VM1 VM3 VM2

L3 Tenant B

Virtualization

NSX Operations

Network Virtualization - Operations

Highlights • Overall Logical network health/stats

• VM to VM connectivity

• Per VM flow visibility

• Traffic Analysis – Packet Capture

• Transport / Tunnel health

• Inventory & Fault Management

• Multi-level Logging, Event tracking and Auditing

• Physical network troubleshooting / visibility

• Upgrade Management

Aggregate Operational Views • Statistics collections

• Alarms & Health Monitoring

• Network Performance & Resource Utilization

• Manage & Monitor through infrastructure

management tools such as vCenter Operations

Manager

Demo An operationalized virtual networking platform:

• Flow Monitoring

• Server Activity Monitoring

• vCenter Operations Manager Integration

Virtualization

NSX Operations

NSX Extensibility: Partner Integration

NSX Controller

NSX API

Partner

Extensions Network Security Platform

Network Gateway Services

Application Delivery Services

Security Services

Cloud Mgmt Platforms

NSX Policy Based Management Framework

Network & security services can now be consumed more

efficiently in the Software-Defined Data Center.

Apply.

Apply and visualize

security policies for

workloads, in one place.

Automate.

Automate workflows

across different

services, without

custom integration.

Provision.

Provision and monitor

uptime of different

services, using one

method.

NSX Service Composer – Canvas View SEC

Virtualization

NSX Operations

VMware NSX – Deployment Use Cases

Self-Service IT

Test X

Acquisition A

DevOps Cloud

On-boarding M&A

Application specific networking

Flexible IP Address Mgmt

Simplified consumption

Key Capabilities

Examples

Data Center

Automation

Micro-segmentation of App

Simplifying Compute Silos

DMZ Deployments

Programmatic Consumption

Full featured stack

Visibility and ops

Key Capabilities

Examples

Public Clouds

XaaS Clouds

Vertical Clouds

Multi-tenant Deployment

Programmatic L2, L3, Security

Overlapping IP Addressing

Any Hypervisor, Any CMP

Key Capabilities

Examples

vSphere

X86 Hosts

KVM Xen Server Hyper-V

Line Rate

Bi-directional

Any-to-Any

Physical or

Virtual

Hardware

Software

Hardware

Software

Any Cloud Management Platform

VMware NSX API

Line Rate

Bidirectional

Tromboning

Line Rate

Bidirectional

Kernel Integrated

25,000 CPS

2.5 million

Sessions

15 gbps

100K CPS

1M Concurrent

FW, LB, VPN

The New Role of Software Networking

Distributed

Switching

Distributed

Routing

Distributed

Firewall

Services

VMware NSX Software (Network Hypervisor)

Virtual Networks

Existing Network Infrastructure

Imagine the Possibilities ..

Install

Network Fabric Spine, Cable Plant

Deploy Infrastructure Services

VMware NSX, CMP

Build a Flexible Infrastructure

Connect Rack Utilities

Network Uplinks, Power

Auto-provision Top of Rack Switches

Image is loaded, IP, L3 Fabric

Auto-Deploy Hypervisors

Drivers, NSX Components

Just “Rack N’ Roll”

Deploy Applications from CMP

VMs, Logical Networks and Security

Add Capacity on Demand

Related Sessions & Resources

Introductory Topics

• NET5184 – Designing your Data Center for Network Virtualization

• NET7388-S – Network Virtualization – Moving Beyond the Obvious

Advanced Topics

• NET5584 – Deploying Network Virtualization

• NET5716 – Advanced NSX Architecture

• NET5266 – Bringing Network Virtualization to VMware Environments with NSX

• NET5270 – Virtualized Network Services Model with NSX

NSX Hands-on Labs

• HOL-SDC-1303

• HOL-SDC-1319

Blogs - http://blogs.vmware.com/networkvirtualization/

Twitter: @VMwareNSX

THANK YOU

NSX: Introducing the World to VMware NSX

Milin Desai, VMware

Sachin Thakkar, VMware

NET5847

#NET5847

VMworld 2013: NSX: Introducing the World to VMware NSX

Technology

Transcript of VMworld 2013: NSX: Introducing the World to VMware NSX

VMworld 2016: Advanced Network Services with NSX

VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks

VMWorld 2014 - Advanced Network Services With NSX (2)

VMworld 2013: VMware NSX Extensibility: Network and Security Services from 3rd-Party Vendors

VMWorld 2013 - NSX Security Solutions in Action

Vmworld 2014 Vmware Openstack

VMware NSX - All In The Loop Operations –Summary of ... Arkin Confidential 31 VIRTUAL: VMware vSphere, VMware NSX (Edge, ... VMware NSX is The Platform for Network Virtualization

VMworld 2013: Virtualized Network Services Model with VMware NSX

VMworld 2014: Virtualize your Network with VMware NSX

SDDC Reference Design for publication with NSX Data Center · 2018-09-05 · #vmworld SDDC Reference Design with NSX Data Center for vSphere Gregory Smith, VMware, Inc. Nimish Desai,

VMworld 2013: Real-world Deployment Scenarios for VMware NSX

Vmworld 2013 Vmware Nsx Integration With Openstack

Deep Security 9.5 SP1 Installation Guide (VMware NSX)€¦ · • Additional VMware Utilities: NSX Environment:VMware Tools, VMware vCenter Server Appliance 5.5, VMware NSX Manager

MMC2046BU Using VMware NSX Cloud for Enhanced or …...Percy Wadia Amol Tipnis MMC2046BU #VMworld #MMC2046BU Using VMware NSX Cloud for Enhanced ... • Static Group membership and

VMworld 2013: Advanced VMware NSX Architecture

VMworld 2013: Deploying VMware NSX Network Virtualization

VMworld 2013: Security Automation Workflows with NSX

SESSION ID NSX-T Deep Dive: Layer 3 Routingdl.geekboy.pro:8080/VMworld 2019/CNET1069BU.pdf · Senior Technical Product Manager, VMware #vmworld #CNET1069BU SESSION ID VMworld 2019

VMworld 2015: VMware NSX Deep Dive

NET1338BE VMware Integrated OpenStack and NSX Integration ... · Andrew Pearce - NSX Technology Practice Gary Kotton - Lead Developer for Neutron NET1338BE #VMworld #NET1338BE VMware