harinderkohli41
Contributor

VLANs for VXLAN on Physical Switch when using NSX

Scenario 1

We are using NSX for networking. We have vMotion, management and IP storage networks. Also, we have created 3 logical switches in separate subnets.

On the physical switch we will create VLANs for vMotion, management, IP storage and VXLAN.

My question: will we create only one VLAN for VXLAN, or 3 VLANs for VXLAN corresponding to each logical switch?

Scenario 2

Same as above, but in this case the logical switches are in the same subnet.

Again, will we create one VLAN for VXLAN, or 3 VLANs for VXLAN corresponding to each logical switch?

0 Kudos
5 Replies
smitmartijn
VMware Employee

In most cases you would use 1 VLAN for VXLAN networks, commonly called the transport VLAN. And it really doesn't matter to VXLAN if your VMs on certain logical switches are using the same subnets. A VXLAN is basically a VLAN inside a VLAN, so logical separation is already there.

Have a look at the NSX Design Guide to give you a sense of the requirements: NSXvSphereDesignGuidev2.1.pdf

0 Kudos
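The "VLAN inside a VLAN" point from the reply above, as an added example that is not part of the original thread: frames from three logical switches are wrapped with different VNIs but the same outer transport VLAN tag. The header layout follows RFC 7348; VLAN 100, VNIs 5001-5003, the VTEP addresses and UDP port 4789 are constructed values, and your deployment's may differ.

```python
import struct

VXLAN_UDP_PORT = 4789   # IANA-assigned VXLAN port (assumption for this example)
TRANSPORT_VLAN = 100    # constructed: the single outer transport VLAN
LOGICAL_SWITCHES = {"web": 5001, "app": 5002, "db": 5003}  # constructed VNIs

def encapsulate(inner: bytes, vni: int, vlan: int = TRANSPORT_VLAN) -> bytes:
    """Wrap an inner Ethernet frame as Ethernet/802.1Q/IPv4/UDP/VXLAN."""
    if not 0 <= vni < 2**24 or not 1 <= vlan <= 4094:
        raise ValueError("VNI is 24 bits, VLAN ID is 1-4094")
    vxlan = struct.pack("!II", 0x08 << 24, vni << 8)  # I flag set, VNI in bits 8-31
    udp_len = 8 + len(vxlan) + len(inner)
    udp = struct.pack("!HHHH", 49152, VXLAN_UDP_PORT, udp_len, 0)
    # Checksums are left at zero; VTEP addresses are constructed.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + udp_len, 0, 0, 64, 17, 0,
                     bytes([10, 0, 100, 11]), bytes([10, 0, 100, 12]))
    eth = bytes(12) + struct.pack("!HHH", 0x8100, vlan, 0x0800)
    return eth + ip + udp + vxlan + inner

def decapsulate(frame: bytes):
    """Return (outer_vlan, vni, inner_frame) for a tagged VXLAN frame."""
    if len(frame) < 18 + 20:
        raise ValueError("frame too short")
    tpid, tci, ethertype = struct.unpack_from("!HHH", frame, 12)
    if tpid != 0x8100 or ethertype != 0x0800:
        raise ValueError("expected 802.1Q-tagged IPv4")
    udp_off = 18 + (frame[18] & 0x0F) * 4      # honour the IPv4 header length
    if frame[18 + 9] != 17 or len(frame) < udp_off + 16:
        raise ValueError("not UDP or truncated")
    if struct.unpack_from("!H", frame, udp_off + 2)[0] != VXLAN_UDP_PORT:
        raise ValueError("not the VXLAN port")
    flags, vni_word = struct.unpack_from("!II", frame, udp_off + 8)
    if not flags & (0x08 << 24):
        raise ValueError("VNI flag not set")
    return tci & 0x0FFF, vni_word >> 8, frame[udp_off + 16:]

def demo():
    """Encapsulate one constructed inner frame per logical switch and parse it back."""
    inner = bytes(12) + b"\x08\x00" + b"payload"
    return {name: decapsulate(encapsulate(inner, vni))
            for name, vni in LOGICAL_SWITCHES.items()}

if __name__ == "__main__":
    for name, (vlan, vni, _) in demo().items():
        print(f"{name}: outer VLAN {vlan}, VNI {vni}")
```

The encapsulation adds 54 bytes here (18 tagged Ethernet, 20 IPv4, 8 UDP, 8 VXLAN), which is why the transport VLAN needs a larger MTU than the VM networks it carries.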
YohanTurner
VMware Employee

Hello There,

The answer is that it depends on how your environment has been set up. See feedback below:

Scenario 1


This depends on your topology: are your clusters/hosts all on the same subnet, or are they on different layer 3 subnets? Typically, they would be on separate layer 3 subnets, and for this you would set up a separate VXLAN subnet for each segment that you have. For example, if you had a MGNT cluster on one subnet and your Compute on another cluster, then you would set up 1 VXLAN subnet for the MGNT cluster and a separate, different subnet for your Compute cluster.


If you have it all on one layer 2 domain then you can use one VXLAN across all hosts.

The purpose of VXLAN is to send communications between hosts at the physical layer, so this needs to fit in with your current physical topology.


Scenario 2


The logical switch is used within NSX to logically separate VMs on different subnets. Typically, 1 logical switch per IP subnet (just like the real world, 1 VLAN to 1 subnet). How you set up your physical VXLAN and logical switches are independent to a point. That said, what VXLAN does allow you to do is to have 1 logical switch span all the hosts in your VXLAN domain; this means you can have the same logical switch (layer 2 domain) across different layer 3 boundaries where your VXLAN spans.

Yohan

harinderkohli41
Contributor

Thanks smitmartijn for the clarification.

You mean to say that we should have one VLAN corresponding to the transport zone even if we have 2 clusters in different subnets in the same transport zone.

This means if we have 2 separate Transport Zones corresponding to 2 clusters, in that case we will have 2 VLANs.

0 Kudos
harinderkohli41
Contributor

Thanks Yohan for the clarification.

I think you are right that we need a separate VLAN for separate subnets.

0 Kudos
YohanTurner
VMware Employee

Transport Zone dictates from a logical NSX perspective which clusters will be included in your VXLAN domain. Typically, unless you are a SP or setting up multi-tenancy, you just need one transport zone with all your clusters in it. Transport Zone is independent of VLANs.

So you should end up with:

1. Multiple VXLAN physical subnets so your hosts can reach each other at a physical level. Nothing to do with logical switches / transport zones at this point.

2. 1 x Transport Zone to group all your hosts in a single NSX logical domain and enablement for you to span logical switches (layer 2) across your layer 3 hosts.

3. Multiple logical switches, which will span all hosts in your transport zone. 1 logical switch per IP subnet. Your logical switches will live in your transport zone domain.

Yohan