Hi
I'm a novice in vmware nsx ans i would like to configure an network with 3 hypervisors , 2 clients and one server (DNS, anti-virus...)
can i use only one physical machine ?
i would like also to test a vmware nsx isolation
what tests i can do for demonstrate this isolation
Thank you very much
You sure can, just send me a private message if you run into any roadblocks. Good luck!
Hello 3222,
Whilst it is possible to set up nested hypervisors and you could run NSX Manager alongside or also on those hypervisors on one physical server it would be very complex to set up and understand which layers traffic was passing at (mainly due to the nesting)
It would also have to be a very powerful single machine to accomodate the RAM requirements alone for
The full details for requirements can be found here
VMware NSX 6.2 for vSphere Documentation Center
You could save some space by deploying on vcsa 5.5 and esxi 5.5 but not much and I wouldn't recommend doing much with 6.0/6.1 as so much has been fixed and improved in NSX 6.2
Hope that helps
Hi there,
start simple to understand what you can achieve with the tools, to quick intro check this link:
http://blogs.vmware.com/networkvirtualization/2016/03/cross-vc-nsx-multi-site-solutions.html
I would say, if you want to try NSX there is a couple of Hands of Labs from VMware free on line, it is a complete environment with NSX, you can follow the script of tasks or not to experiment with all the features about NSX then having a better idea try to test isolation with VXLAN, try to mimic some of the labs that will help you as a guide, all HOL's are based on virtual infrastructure
hope this helps
regards.
Thank you everybody.
i have a question
if a PC is virgin, i need to install a windows server before to install vmware esxi , vcenter and nsx ???
Honestly, your best bet would be to use ESXi as your "base OS". It has way less resource overhead, so the resources you have will go further. Also, it plays nicely with nested hypervisor environments.
Unfortunately, as others have mentioned, you would need a very powerful physical server to host all those components, not to mention it will be extremely difficult to set up for beginners.
To answer your question, if you are determined to make this work within a single host, then you will have to install Windows/Linux, then install VMware workstation to host your ESXi and other components. I believe someone recently attempted to do this, but not sure what the results were. However, a traditional setup would be to have three separate physical hosts, each running their own ESXi, and hosting all your virtual desktops, vCenter, NSX Manager/Edges/Controllers from it.
thank you very much
ok 3 physical machine . Every machine with her own vmware esxi , vcenter and his own nsx ??
and how i can admin there machine by an only pc ?
and how i can test the isolation
To be more precise, you would generally need three physical machines, each running its own instance of ESXi. Once installed, you can deploy a virtual desktop and set up your basic infrastructure servers such as AD/DNS/DHCP etc.
At this point, you can install a single instance of vCenter, not three, to cluster your ESXi hosts, which you can use to manage all three ESXi hosts from this central location. Same with NSX Manager, just a single instance is needed on any of the three ESXi hosts. Mostly, you will be using the vSphere Web Client to access all your virtual infrastructure.
As for the security isolation, there are various methods of implementing/testing it. You can do it using VLAN/VXLAN or using NSX's distributed firewall/router and more. There are various resources from VMware which covers this topic extensively, so I highly recommend reading through some of them.
Getting Started with VMware NSX Distributed Firewall - Part 1 - The Network Virtualization Blog
Getting Started with VMware NSX Distributed Firewall - Part 2 - The Network Virtualization Blog
If you require further help, feel free to contact me and I'll see what I can do to help!
Thank you very very very . A thousand very much
Now i understand
Can i ask your help if i have any problem with a configuration ????
You sure can, just send me a private message if you run into any roadblocks. Good luck!
Thank your for your help
I would like a simple physical configuration containing 2 esxi and another for the management
3 hypervisors to see if the network configuration is completely cross the HV
each network must have its vlan
a service VLAN (monitoring, backup, license server, anti-virus, dns, etc.) that would have visibility into another wham "clients" that they would have no visibility between them.
FW rules put between VLAN services to individual clients for each service.
All these vlan communicate with the physical network
distributed network ports connected to HV and should be able to get out on the Internet (via FW) or through the Internet directly to the ports of the HV and manage in NSX (the vrtualisation FW? consequences?).
To demonstrate the service network, we could simply put a vm with the console A / V trial version and see that the console communicates well with protected vm
I can't add physical diagram image here
I put 3 pc linked by a physical netgar swicth
the switch is connected to the internal network
1 pc -esxi1 10.2.4.2
2nd pc esxi2 10.2.4.3
3rd pc esxi3 (nsx manager) 10.2.4.4
but I'm not satisfied
I despair
I don't know how to have a proper physical schema
help me please
Hi ocecilocecil,
I sent you a private message but i don't know if you received it
Yes Surely you can do. One of my colleague deployed his complete NSX Lab on single ESX server. You can checkout this link.
I did not get any private messages from you, but I just sent you one so you can reply to it.
I d'ont know why but i can't send a messages
i can't
I got your message, send ya my contact information so we can set up a webex.