- Enzoic for Active Directory Lite: Find weak passwords in Active Directory - Tue, May 19 2020
- Remote work: RDS vs. VDI vs. VPN - Fri, May 15 2020
- Veeam Backup for Office 365 v4 - Tue, May 12 2020
VMware’s NSX Data Center is the leading enterprise data center network virtualization platform. It has been widely adopted as businesses face new challenges in terms of security, compliance, and automation. If you have been monitoring the NSX Data Center platform over the past couple of years, you have no doubt noticed there are now two versions of the NSX Data Center product.
These include the original NSX-V and the new NSX-T network virtualization platform. What are the differences between the two platforms? Which version would you choose if you were performing a greenfield installation? Is there a migration path? Let's take a closer look at the similarities and differences between NSX-V and NSX-T and see how they relate.
What is network virtualization? ^
Before looking at the two NSX Data Center solutions that deliver network virtualization to your environment, let's briefly discuss what network virtualization is. It has been described as a hypervisor for your network. In the same way that VMware ESXi allows virtualizing your computer infrastructure, NSX allows virtualizing your network.
It is notoriously challenging to implement changes in a network in an agile, flexible way. Changes to the network might require days to weeks of waiting for the network team to implement changes. Today's environments move at a pace where traditional networking is very restrictive and impedes progress in deploying infrastructure.
Network virtualization uses network encapsulation tunnels to create an overlay network on top of the physical network. This allows creating virtual networks that have all the features and capabilities of the physical network.
VMware's network virtualization solution began with NSX-V. The “V” in the NSX-V solution designates it as the network virtualization solution for vSphere. NSX-V solution is supported on VMware vSphere.
In fact, the NSX-V solution requires a vCenter Server in the environment. After the NSX-V Manager is deployed in the environment, you can associate the NSX-V Manager with your vCenter Server. It registers the solution with vCenter and integrates NSX-V into your vSphere environment.
One of the main reasons that NSX-V relies so heavily on vCenter Server is the requirement for vSphere Distributed Switches (VDS), which are required by NSX-V services. The VDS is only available if you have vCenter Server in the environment.
NSX-V uses VXLAN network encapsulation to create the network overlay needed to create virtual networks. Using VXLAN, NSX-V enables creating logical networks effectively, even across routed environments. This includes stretching L2 segments, creating distributed logical routers, implementing load balancers, and many other features. The NSX firewall included with NSX-V enables implementing micro-segmentation effectively to prevent unauthorized network communication between network endpoints and server resources.
NSX-V is now considered to be the legacy solution to implementing network virtualization, even for VMware vSphere environments. It was originally developed for on-premises environments and use cases with VMware vSphere, which VMware and its customers are moving away from. However, NSX-V still has the widest selection of supported customer integrations of VMware's network virtualization solutions, and many security and other vendors have supported integration with NSX-V.
NSX-V management can be accessed easily using the vSphere Client. This makes administration of the NSX-V solution familiar and intuitive for vSphere administrators.
Installing NSX-V involves the following general workflow:
- Install the NSX-V Manager.
- Register the NSX-V Manager with vCenter Server.
- Deploy an NSX-V Controllers cluster.
- Install NSX-V VIBs on your ESXi hosts.
- Configure VXLAN for ESXi.
- Configure segment IDs.
- Create your transport zones.
- Add your NSX-enabled vSphere clusters to the transport zone.
NSX-V's key characteristics:
- Works only with VMware vSphere
- Best suited for on-premises workloads
- Uses VXLAN for network encapsulation
- Has a wide selection of partner and third-party integrations
- Legacy solution at this point while still supported
If you have been following NSX for the past couple of years, all the excitement with NSX is now focused on NSX-T. What is NSX-T? NSX-T is “T” for Transformers. It is VMware's new approach to network virtualization, which enlarges the scope past VMware vSphere.
In fact, NSX-T is a supported solution that can be implemented on physical hardware, VMware vSphere, and KVM hypervisors. It is also the underlying network virtualization solution for the VMware Cloud on AWS and provides the networking under the hood for Amazon's AWS outposts.
This is VMware's network virtualization solution for cloud environments and not simply on-premises. NSX-T is certainly helping to transform VMware's network virtualization offering to customers.
What about the technology itself? Is it the same as NSX-V?
There are certainly similarities in the two solutions. Both NSX-V and NSX-T virtualize the network layer so that networks can be created logically and span physical network underlays without reconfiguring physical network devices for implementation.
Both NSX-V and NSX-T enable logical switching, distributed logical routing, and implementing micro-segmentation. Another interesting similarity is that (at least for now) a license key for NSX Data Center can also be used for either NSX-V or NSX-T. Starting with NSX-T Data Center 2.4, VMware has essentially reached feature parity with NSX-V, so this is no longer a reason for restraint in deploying NSX-T.
While their general feature sets certainly have many similarities at a basic level, there are some fundamental differences in the technologies and how they are implemented.
Unlike NSX-V, NSX-T is not coupled with vCenter Server and does not require it. Of course, it does work well with vSphere, however, including integration with vCenter Server as a compute manager. VMware has created NSX-T as a network virtualization product that transcends traditional vSphere components and stands alone as a network hypervisor outside of vSphere.
There are other differences under NSX-T's hood in comparison to NSX-V. For one thing, NSX-T uses a different network encapsulation protocol. Instead of using VXLAN, NSX-T makes use of a network encapsulation protocol called GENEVE (Generic Network Virtualization Encapsulation).
Another difference with NSX-T is the use of the new N-VDS virtual switch. Since VMware has decoupled NSX-T from vCenter Server, the requirement for running NSX with VDS is no longer feasible. VMware has introduced the new N-VDS as the solution to this issue. The N-VDS virtual switch is a new type of virtual switch that is specific to NSX-T.
The N-VDS is created and maintained at the NSX-T Manager level. The N-VDS in the NSX-T solution is paired with the transport zone. The transport zone is created in NSX-T, an N-VDS switch is created with the transport zone, and then the Transport Zone is applied to a transport node. So the NSX-T Manager appliance becomes the management plane in the NSX-T solution, taking the place of vCenter Server in that capacity with NSX-V.
NSX-T N-VDS switches can be viewed from the vSphere Client, but you cannot edit the N-VDS from your vSphere Client outside of viewing. You must manage the switch from the NSX-T Manager.
Deploying NSX-T involves the following workflow:
- Install the NSX-T combined manager/controller appliance. (There is no need to establish a link with the compute manager [vCenter Server].)
- Configure your transport nodes.
- Configure transport zones, along with N-VDS virtual switches.
- Configure uplink profiles.
NSX-T's key characteristics:
- Not tied to vCenter Server
- Supports additional hypervisors (KVM for now)
- Well-suited for Cloud
- VMware Cloud on AWS and AWS Outposts underlying networking solution
- Uses GENEVE network encapsulation
- Uses a new virtual switch technology: the N-VDS
NSX-V vs NSX-T: Which should you install? ^
As shown, there are certainly similarities between NSX-V and NSX-T. However, there are also major differences in the platforms. Which solution should you deploy? The answer may depend on your use case, what you are looking to achieve, and your comfort level.
At this point, it would not be wrong to install or continue to make use of NSX-V. VMware is continuing to support and develop NSX-V for the time being. NSX-V at this time also has the widest partner and third-party integration. You may have an integration that your business absolutely depends on, which has not yet been introduced in NSX-T. So you would want to continue with NSX-V.
Currently, if you are looking to manage everything from the vSphere Client interface, NSX-V offers the best integration. NSX-V registers a vSphere Client plugin that allows interacting with your NSX-V solution from your vSphere Client interface.
If you are installing a greenfield deployment of VMware’s NSX solution and there is no lack of partner or third-party integration that would hold you back, you would certainly want to consider deploying NSX-T. NSX-T is the way forward for NSX with both vSphere and all other deployments. The writing is on the wall for NSX-V – at some point in the future, NSX-V is going to be a deprecated product and all new development and features will be introduced only in NSX-T.
If you do install NSX-T, you must be aware of the change in management and workflows with regard to deploying and configuring NSX-T. This includes creating, configuring, and managing network components from the web interface of the NSX-T Manager and not from the vSphere Client connected to vCenter Server.
Additionally, NSX-T may be a bit behind in partner and third-party integrations when compared to NSX-V. If you rely heavily on these third-party integrations, you will want to make sure they have been introduced and are supported with NSX-T.
There is also a path to migrate from NSX-V to NSX-T. VMware has built an NSX-V-to-NSX-T migration utility in NSX-T that will provide a way forward to NSX-T to customers who may need to deploy NSX-V due to partner integration.
Concluding thoughts ^
VMware NSX allows you to move at a quick pace when it comes to network provisioning, configuration, and automation. Virtualizing the network layer allows overcoming challenges that are simply not possible with physical networks. Today, if you are planning on deploying VMware’s NSX solution, you will have a choice to make.
VMware’s NSX-V solution has been around for quite some time and is the de facto option for VMware vSphere environments running vCenter Server. However, NSX-T is the new way forward for NSX virtualization. NSX-T is no longer tied to vCenter Server and provides options that span beyond vSphere and into other hypervisors, even into the Cloud.