For a while I pondered the benefits of a vSwitch and enjoyed the notion of a distributed vSwitch. These items were extremely flexible for virtual networking in VMware’s hypervisor switching construct. The ability to create VLANs, port groups, PVLANs, automated deployment, and adapt to pretty interesting networking requirements in software was nifty. The letdowns were there, though. It seemed that VMware’s switching construct was missing something. Then the announcement that made sense came, albeit in an “I can do anything, anything better” way.

Fresh off the back of the Nicira purchase, the virtualisation platform that was snapped up by VMware has borne fruit. Under the ever-watchful eye of Brad Hedlund, VMware has produced a programmable, flow-defined networking construct.

The human-friendly, web-driven GUI allows for simple and easily deployed networking assets. Distributed cluster-wide across multiple ESXi hosts, an engineer can engage in fast-forwarding, feature-rich software network virtualisation. Programmable APIs allow access into the NSX platform to provide harmonious integration with VMware and OpenStack.

The VMware NSX platform launches with five cornerstones: Controller Cluster, Hypervisor vSwitches, Gateways, Ecosystem partners, and NSX Manager.

Controller Cluster

This virtualised x86 application takes northbound API requests and turns them into operations. The NSX controller cluster is logically centralised but physically distributed amongst cluster hosts. As an environment grows, extending the controller cluster is as simple as expanding the control cluster. The NSX controller has visibility of all network devices and guests deployed with NSX.

Hypervisor vSwitches

The control cluster takes control of the built-in, in-kernel vSwitch already existing in each host. Intelligence in the networking software, coupled with scalable flow-programmed switching, opens many doors. By leveraging such technologies as VXLAN and STT, IP encapsulation can take place between hypervisors. This notion brings to networking what virtualisation brought to physical servers.


Gateways

Gateways are what provide a path back into the physical world, or as VMware states, the edge of the software-defined data centre. NSX Gateway nodes can be deployed in active/active HA pairs, and offer IP routing, MPLS, NAT, Firewall, VPN, and Load Balancing services. This allows many engineers to securely control northbound and southbound traffic at the borders of NSX networks. I am picturing these gateways like an NSX distribution layer. It is also possible to create a Layer 2 gateway.

Well played VMware.

Ecosystem Partners

This part I need to read more on, but from what I can gather this is about open source communication and creating well-defined trust relationships within the network. Read more here.

NSX Manager

NSX Manager is the GUI that controls the network above. It is a dashboard that contains logs, network information, deployment status, and traffic information right at an engineer’s fingertips. This will be the heart of NSX deployments as it is rolled out. The physical and virtual world will be easily mapped with diagrams and charts automatically generated. I like this automatic documentation! The system is also capable of automatic snapshots and system recovery; the same as a guest currently has access to now.


This is the first real viewing of what Nicira’s acquisition by VMware has eventuated to. By first accounts I am impressed by some things such as programmability and the fluid deployment nature. I still worry that ESXi administrators won’t consult with the networking staff who provide the DC platform for their servers. Hopefully the NSX push will bring the silos together. At the moment, it feels like server, networks, and applications are being smooshed together like a terrine. Prepare for terrine takeover Q3, 2013.

3 thoughts on “VMware NSX”

  1. It will be interesting to see how this all shapes out on two fronts. One is the organization side where, as you mentioned, server, application, and network silos are going to have to come together to some extent, which is going to cause some conflicts. The other I am starting to wonder is what this is going to do not just to network companies like Cisco, but firewall and load balancing companies if everything is under the VMware umbrella. There are some advantages and some disadvantages, and while we may end up in a nice place in the end, I think we may have a bit of a bumpy road to get there as some places rush quickly into this and then run into “gotchas”. I’m a Cisco Engineer, but definitely thinking about doing some VMware studying and maybe even picking up some certs from them (looks like a virtual networking one is coming soon) just to be more well-rounded in my skill set.
