NSX-T Architecture | Overview of NSX-T Management, Control, and Data Plane

NSX-T Manager

NSX-T utilizes a multi-tiered networking stack. The NSX Management Cluster is a three-node high-availability cluster that runs converged Management (Policy) and Control Plane services.
  • Each NSX management node contains a management plane, a central control plane, a policy role and a replicated desired state datastore.
  • The NSX Management Cluster provides availability of all management services and increased performance.
  • The converged appliance allows for easier operations, with fewer systems to monitor and maintain.




Functional characteristics of the NSX-T Manager

Following are the functions of the NSX-T Manager
  • Maintains connectivity to all nodes in the system
  • Provides entry point to the system via UI or API
  • Handles user queries
  • Persists user configuration and the desired configuration
  • Validates the stored data state
  • Maintains and propagates the dynamic state



NSX-T Manager Clustering

Following are the features and benefits of clustering NSX-T Manager.

Features of NSX-T Manager clustering
  • Cluster of three NSX managers
  • API and GUI available on all managers
  • Replicated desired state datastore

Benefits of NSX-T Manager clustering
  • High availability of the NSX UI and API
  • Reduces the likelihood of failures of NSX operations
  • Provides API and GUI clients with multiple endpoints for a single VIP for availability

Clustering of NSX-T Manager can be set up in two ways:
  1. NSX-T Manager Clustering with Virtual IP
  2. NSX-T Manager Clustering with Load Balancer

NSX-T Manager Clustering with Virtual IP

Following are the characteristics of NSX-T Manager clustering with Virtual IP.
  • The cluster Virtual IP is assumed by one Manager, called the leader.
  • All cluster nodes must be in the same subnet.
  • GARP is used when the Manager with the Virtual IP fails.
  • The cluster IP is used for northbound operations. Southbound connectivity to the hosts uses the physical IP of each node.


NSX-T Manager Clustering with Load Balancer

Following are the characteristics of NSX-T Manager clustering with Load Balancer.
  • All Nodes are active
  • VIP load balances the traffic to multiple managers
  • Managers can be in different subnets
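
The pre-deployment check below is an added example, not code from this post or from VMware; it applies the subnet constraints of the two clustering modes above to a proposed address plan. The function name, the sample addresses and the prefix-length parameter are assumptions, as is the requirement that the VIP itself sit in the nodes' subnet (taken here as implied by GARP-based failover).

```python
import ipaddress


def plan_manager_cluster(node_ips, vip, prefix_len):
    """Return ({mode: usable}, findings) for a proposed Manager cluster.

    node_ips, vip and prefix_len are constructed inputs; prefix_len is the
    management network's prefix length (an assumption of this example).
    """
    findings = []
    nodes = [ipaddress.ip_address(ip) for ip in node_ips]
    vip_addr = ipaddress.ip_address(vip)

    # The page describes a cluster of three NSX Managers.
    base_ok = len(set(nodes)) == 3
    if not base_ok:
        findings.append("cluster needs three distinct manager nodes")

    # The VIP is a separate address in either mode.
    if vip_addr in nodes:
        base_ok = False
        findings.append("VIP collides with a manager node address")

    # Virtual IP mode: all nodes in one subnet, so GARP can move the VIP.
    subnets = {
        ipaddress.ip_network(f"{n}/{prefix_len}", strict=False) for n in nodes
    }
    same_subnet = len(subnets) == 1
    if not same_subnet:
        findings.append("nodes span subnets %s: Virtual IP mode unavailable"
                        % sorted(str(s) for s in subnets))

    # Assumption: the VIP must live in that same subnet (same L2 segment).
    vip_local = same_subnet and vip_addr in next(iter(subnets))
    if same_subnet and not vip_local:
        findings.append("VIP is outside the node subnet: GARP failover "
                        "would not reach it")

    modes = {
        "virtual_ip": base_ok and same_subnet and vip_local,
        # Load balancer mode: managers can be in different subnets.
        "load_balancer": base_ok,
    }
    return modes, findings


if __name__ == "__main__":
    # Constructed sample plan: three managers on one /24 plus a VIP.
    print(plan_manager_cluster(
        ["10.0.10.11", "10.0.10.12", "10.0.10.13"], "10.0.10.10", 24))
```
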





NSX-T Control Plane

The control plane is distributed between
  • Central Control Plane (CCP) in the Manager Cluster and
  • Local Control Plane (LCP) agents on the hosts
Following are the functions of the CCP:
  • Computes all ephemeral runtime states based on configuration from the management plane.
  • Pushes stateless configuration to the transport nodes. The Local Control Plane (LCP) agents receive the configuration and push it into the data plane of the transport node.
  • Disseminates topology information reported by the data plane elements.




NSX-T Data Plane

Distributed Data Plane

  • The NSX-T distributed data plane connects and hosts workloads across an entire enterprise, utilizing heterogeneous hypervisor support and connectivity to multiple public clouds.
  • It supports hosting the most diverse array of application frameworks: VMs, containers, micro-services, bare-metal, etc.
  • It implements distributed switching, routing and firewalling.


Data Plane in Transport Nodes

The data plane on each node is a high-performance engine for logical switching, routing, and distributed firewalling. The data plane encapsulates and decapsulates packets for the overlay network.

The data plane of each host contains the following elements:
  • Local Control Plane (LCP) agent
  • Management Plane Agent (MPA)
  • NSX Virtual Distributed Switch

The N-VDS is based on either:
  • ESXi vSwitch for ESXi
  • Open vSwitch (OVS) for KVM




