can someone please explain Multi-TEP design with use case.. i am getting confused.. how does we isolate workload and then how does it merge for external traffic.
Are you talking about Edge Multi-TEP or Host Multi-TEP?
Either way, I did not understand how this plays with workload isolation and external traffic.
TEPs are the transport node interfaces for Geneve tunnel termination. They are only between transport nodes. Connection to physical network does not use TEP.
With regards to workload isolation you can just use DFW. It is actually independent of TEPs and overlay networks.
Could you explain more about the isolate workload requirement and external traffic?I'm still trying to correlate the TEP constructs with isolate/external traffic.
Below east-west traffic goes via TEPs:
1. East-West between VMs - between ESXi (Transport Node) TEP to ESXi (Transport Node) TEP
2. East-West between Edge and VMs - between Edge (VM/Bare Metal) and ESXi (Transport Node) TEP
Multi-TEPs is mainly for throughput/load balancing and not so much on isolation/separation traffic.
Transport Node and/or Edge can have Multi-TEPs
If you have 4 pNICs like below diagram, you can pin TEP VLANs on P3 & P4 and north-south/external traffic is pinned to P1 & P2
If you only have 2 pNICs, they will on the same pNICs but still on different VLANs
As you can see in below diagram, vNIC2 & vNIC3 will be the north-south/external and vNIC4 will be TEP/east-west.
Not sure if this is the isolation that you're referring to.
Overlay/East-West runs on an Overlay Transport Zone and an N-VDS can only have one Overlay Transport Zone
If you need a separate Overlay Transport Zone, you would need a separate N-VDS and potentially a separate TEP VLAN, not sure if this is what you're referring.
However, if your requirements is around security isolation, then this is not related with the TEP discussions