VMware NSX for vSphere - basics: components and services overview.

By | September 10, 2015

As a settler in the SDDC world 🙂 I can't miss a key product in the software-defined data center - VMware NSX 🙂 NSX  allows creating, deleting or restoring software-based virtual networks. I'm impressed how VMware works on improving NSX. I think, every ~2 months, we can download the next version of NSX with new features 🙂 In this short post, let's discuss the NSX basics - components:

VMware NSX for vSphere - basics: components and services overview

  • Data Plane
  • Control Plane
  • Management Plane

Above components are the most important. There is also one more component - Consumption Plane = e.g. integration with vRealize Automation, vCloud Director.

NSX Management Plane

The NSX management plane is based on the NSX Manager. This is a virtual appliance (deployed as a standard OVF template on an ESXi host - recommended using the Management Cluster) pointed to vCenter (1:1 relationship. If you have a cross-vCenter NSX environment that I described some days ago, there is also one-to-one relationship). NSX Manager is responsible for controlling and managing the whole virtual network by:

  • centralizing network management,
  • providing REST APis for creating, configuring and monitoring NSX components such as logical switches or edge services gateways.

NSX Control Plane

The NSX control plane is based on NSX Controller cluster. NSX Controller is also a virtual appliance (must be deployed in a three-node cluster for high availability and scale) that is responsible for managing the distributed switching and routing modules in ESXi hosts. The controller does not have any dataplane traffic passing through it.

The NSX controller is the central control point for all logical switches within a network and maintains information of all virtual machines, hosts, logical switches, and VXLANs.

NSX Data Plane

The NSX data plane is: NSX vSwitch = vSphere Distribued Switch (VDS) + kernel modules (such as VXLAN, Distributed Logical Router or Firewall). VMware NSX for vSphere - basics: Data Plane viewNSX vSwitch provides access-level switching in ESXi host. The logical router provides L2 bridging from the logical networking space (VXLAN) to the physical network (VLAN). The NSX Edge gateway connects isolated, stub networks to shared (uplink) networks by providing common gateway services such as dynamic routing, perimeter firewall, DHCP, VPN, NAT, and Load Balancing.

NSX Services

There are NSX services as follows:

  • Logical Switches - a distributed switches that can span vSphere clusters. Each mapped to a unique VXLAN and also can be extended to a physical device using an L2 bridge.
  • Logical Routers
  • Logical Firewall - a hypervisor kernel-embedded firewall.
  • Logical VPNs
  • Logical Load Balancer
  • Service Composer - grouping and mapping services to applications
  • NSX Extensibility - integration with 3rd-party solutions.

I will write a dedicated post about above services. Please stay tuned! 🙂

NSX components interaction

To sum up, the following figure presents interaction between NSX components:

VMware NSX for vSphere - basics: components interaction

For more information, please follow VMware NSX official documentation.

Author: Mariusz

Architect (~ 15 years experience based on passion...) with strong background as a System Administrator and Engineer. Focused on Data Center Solutions: Virtualization/Cloud Computing and Storage/Backup Systems. Currently living in Poland.