amflacco
Contributor

N-VDS overlay and VLAN Transport Zones

Hello everybody,

I need your support because, reading the NSX 3.0 reference guide, on page 25 I found:

"An NSX virtual switch (N-VDS or VDS with NSX) can attach to a single overlay transport zone and multiple VLAN transport zones at the same time."

It could be true when you create a transport zone, because you can enter a switch name (removed in version 3.1). But actually, when you create a transport node profile, you can create an NVDS and attach it to one or more overlay transport zones.

Probably I entered a loop from which I cannot get out. I created a transport node profile in which a single NVDS is connected to 3 overlay TZs and 2 VLAN TZs (5 TZs in total) and configured the NSX transport node.

NSX gave me no alarm (version 3.0). Everything is in success state. I created one segment for each overlay and VLAN, and I can see the five "portgroups" in vCenter under the NVDS switch name. Reading that sentence, I expected at least one error on the NSX side.

Where am I going wrong?

Thank you!

Alessandro

 

sekar_neo
Contributor

I am not sure, but the following might be the reason.

Assume we have 4 hosts which are in cluster-1 (host-1, host-2, host-3, host-4).

The transport node profile is applied on top of the cluster when we prepare the hosts.

In our scenario, the transport node profile contains 3 overlay TZs and 2 VLAN TZs with NVDS-1.

All the hosts will be part of 3 overlay transport zones (e.g. overlay-TZ-1, overlay-TZ-2, overlay-TZ-3).

All 4 hosts can leverage one overlay transport zone (e.g. overlay-TZ-1) along with NVDS-1 for E-W communication.

So I think there is no need or no use to put those hosts in one more overlay transport zone. 

 

amflacco
Contributor

Hi sekar_neo, and thank you for your reply.

Reading the old guidelines, I am more and more convinced that it's a typo of version 2.0, because that version actually had that limitation, if I remember correctly.

Your motivation might also make sense, but the sentence "An NSX virtual switch (N-VDS or VDS with NSX) can attach to a single overlay transport zone and multiple VLAN transport zones at the same time" declares a limitation. Perhaps it would have been more understandable if it had been written: "An NSX virtual switch (N-VDS or VDS with NSX) shouldn't / couldn't attach to a single overlay transport zone and multiple VLAN transport zones at the same time for bla bla bla .." (I'm not a native English speaker, but I hope you know what I mean). The "can" made me think of something not technically possible, which is not true, so I wondered where I was wrong.

I also agree with your vision, above all for security purposes.

Alessandro