VMware Networking Community
vempati73
Contributor
Contributor
‎01-29-2019 08:22 PM
Jump to solution

Connectivity between Two Transport Zones in NSX

hi

I have a doubt on Connectivity between Two transport Zones in NSX. As per Transport Zones in VMware documentation

1. There is a 1:1 relation between Logical SWitch and Transport Zones

2. A logical switch cannot be part of Two Transport Zones

3. We cannot attach a DLR or ESG to two transport Zones

4. To acheive Security Isolation, We should map the VM's to a seperate Transport zone so that Other VM's part of other transport zones does not visibility of these VM's.

My understanding we can Interpret a transport zone as a Tenant and achieve a Isoloation. In case if I want to have communication between Vm's in two transport zones how do we achieve. Can some one explain or point me to VMWare documentation on routing between TRansport zones.

regards

vempati 

0 Kudos
1 Solution

Accepted Solutions
Beingnsxpaddy
Enthusiast
Enthusiast
‎01-30-2019 12:32 AM
Jump to solution

Your understanding is correct as transport zones can not have common DLR, so in order to route traffic between TZ you need to have a ESG in place, which can route traffic from one TZ to another. Its same as two different companies/tenants.

Regards Pradhuman VCIX-NV, VCAP-NV, vExpert, VCP2X-DCVNV If my Answer resolved your query don't forget to mark it as "Correct Answer".

View solution in original post

0 Kudos
6 Replies
Beingnsxpaddy
Enthusiast
Enthusiast
‎01-29-2019 09:56 PM
Jump to solution

dear vempati73​,  By any chance did you look at this article.

A Multi-Tenant Topology in VMware NSX - ipcraft.net

Regards Pradhuman VCIX-NV, VCAP-NV, vExpert, VCP2X-DCVNV If my Answer resolved your query don't forget to mark it as "Correct Answer".
0 Kudos
HassanAlKak88
Expert
Expert
‎01-29-2019 11:54 PM
Jump to solution

Hello,

Kindly check the following URLs which more explain the TZ concept:

Please consider marking this answer "CORRECT" or "Helpful" if you think your question have been answered correctly.

Cheers,

VCIX6-NV|VCP-NV|VCP-DC|

@KakHassan

linkedin.com/in/hassanalkak


If my reply was helpful, I kindly ask you to like it and mark it as a solution

Regards,
Hassan Alkak
0 Kudos
vempati73
Contributor
Contributor
‎01-30-2019 12:28 AM
Jump to solution

hi

Thanks for sharing the link, yes i came across the link while googling for the answer.

To achieve Communication between transport zones, assuming TZ as Tenant,  configure a ESG and enable routing between the Tenant ESG.

hope my understanding correct

regards

vempati chalapathy

0 Kudos
vempati73
Contributor
Contributor
‎01-30-2019 12:29 AM
Jump to solution

hi

Thanks for reply, I gone through the links, Answer i am looking was not addressed in the link.

regards

vempati chalapathy

0 Kudos
Beingnsxpaddy
Enthusiast
Enthusiast
‎01-30-2019 12:32 AM
Jump to solution

Your understanding is correct as transport zones can not have common DLR, so in order to route traffic between TZ you need to have a ESG in place, which can route traffic from one TZ to another. Its same as two different companies/tenants.

Regards Pradhuman VCIX-NV, VCAP-NV, vExpert, VCP2X-DCVNV If my Answer resolved your query don't forget to mark it as "Correct Answer".
0 Kudos
HassanAlKak88
Expert
Expert
‎01-30-2019 12:38 AM
Jump to solution

100% Smiley Wink

Please consider marking this answer "CORRECT" or "Helpful" if you think your question have been answered correctly.

Cheers,

VCIX6-NV|VCP-NV|VCP-DC|

@KakHassan

linkedin.com/in/hassanalkak


If my reply was helpful, I kindly ask you to like it and mark it as a solution

Regards,
Hassan Alkak