VMware Networking Community
IntercomEnterpr
Contributor
Contributor
Jump to solution

I am currently using vsphere 5.5 with Trend deep security and going to upgrade to 6.7 with NSX and Trend Deep security. All Mgmt vlans (esxi, vcenter, PSC, NSX manager, Trend security appliances and etc...) will be on StD vSwitch portgroup and All VM work

I am currently using vsphere 5.5 with Trend deep security and going to upgrade to 6.7 with NSX and Trend Deep security appliances. All Mgmt vlans (esxi, vcenter, PSC, NSX manager, Trend security appliances and etc...) will be on StD vSwitch portgroup and All VM workload is on DVS portgroup. My question: Do I must use DVS portgroup for the NSX manger, controller and host preparation for their network adapter or STD vSwitch portgroup to do it's service, However All VM workload on DVS port group.

Reply
0 Kudos
1 Solution

Accepted Solutions
Sreec
VMware Employee
VMware Employee
Jump to solution

NSX vSwitch is based on vSphere distributed switches (VDSs), which provide uplinks for host connectivity to the top-of-rack (ToR) physical switches. You can certainly keep all management components (PSC/NSX/Controllers etc) on STD switch if you wish to use the same (Don't connect to VXLAN based PG ).As a best practice, VMware recommends that you plan and prepare your vSphere Distributed Switches before installing NSX for vSphere.NSX services are not supported on vSphere Standard Switch. VM workloads must be connected to vSphere Distributed Switches to use NSX services and features.

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 6x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered

View solution in original post

Reply
0 Kudos
3 Replies
Sreec
VMware Employee
VMware Employee
Jump to solution

NSX vSwitch is based on vSphere distributed switches (VDSs), which provide uplinks for host connectivity to the top-of-rack (ToR) physical switches. You can certainly keep all management components (PSC/NSX/Controllers etc) on STD switch if you wish to use the same (Don't connect to VXLAN based PG ).As a best practice, VMware recommends that you plan and prepare your vSphere Distributed Switches before installing NSX for vSphere.NSX services are not supported on vSphere Standard Switch. VM workloads must be connected to vSphere Distributed Switches to use NSX services and features.

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 6x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered
Reply
0 Kudos
IntercomEnterpr
Contributor
Contributor
Jump to solution

Thanks for your fast reply. Just to recap what I understood that I must use VDS portgroup for (PSC/NSX/Controllers etc) network adapter if I am going to use the VXALN. However as in my case I will not use the VXLAN feature so I will  keep all management components (PSC/NSX/Host preparation/Controllers etc) on STD switch and VM workloads will be connected to vSphere Distributed for NSX security features.

Reply
0 Kudos
Sreec
VMware Employee
VMware Employee
Jump to solution

Just to recap what I understood that I must use VDS portgroup for (PSC/NSX/Controllers etc) network adapter if I am going to use the VXALN.

No, you should not try to place/migrate  management components to NSX Provisioned VXLAN network . Data plane outage will impact management Machines as well. So i don't recommend that design. Dedicate few vlans for those workloads and you can keep leverage VSS or DVS .

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 6x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered
Reply
0 Kudos