Network & Security VMUG Community

Expand all | Collapse all

vDS+N-VDS vs All N-VDS for NSX-T

  • 1.  vDS+N-VDS vs All N-VDS for NSX-T

    Posted 04-12-2019 05:22 PM
    I have been going back and forth with a couple buddies lately and I figured I would toss our debate out to the public.

    Implementing green field 2.4 NSX-T environment.

    Option 1.
    Keep an vDS switch for VMK traffic and place the Edge VMs on their own vDS managed by vCenter.  Place all the overlay traffic on a NVDS managed via NSX.

    Option 2.
    Have a N-VDS for VMK traffic, one for Edge VM traffic, and one for overlay traffic all managed via NSX.

    Let the debate begin :)

    *there is no feature of functionality difference between the vDS or the N-VDS.
    **environment is being built out to house CLoud Foundation and vRealize Automation in the future.
    ***evironment will perform a hybrid cloud connection to AZURE in the future.

    ------------------------------
    Paul Bryant Global Architect
    Specialist/Staff
    Brink's Inc
    Fort Worth TX
    ------------------------------


  • 2.  RE: vDS+N-VDS vs All N-VDS for NSX-T

    Posted 04-15-2019 09:33 AM
    Greenfield, I like all N-VDS, primarily for simplicity. Brownfield, I prefer to leave vmk on vDS and only migrate Edges and overlays. No technical rationale at all...all based on level of effort.

    Bryan

    ------------------------------
    Bryan Salek
    Engineer/Specialist
    VMware
    ------------------------------



  • 3.  RE: vDS+N-VDS vs All N-VDS for NSX-T

    Posted 07-22-2019 05:29 PM
    I agree. I am currently desiging for a brownfield deployment that has vSAN as well and approach is the same, a mix of vDS and N-VDS ​

    ------------------------------
    Subramanian Chockalingam
    Fujitsu NZ
    Wellington
    ------------------------------



  • 4.  RE: vDS+N-VDS vs All N-VDS for NSX-T

    Posted 07-24-2019 09:02 AM
    I have deployed 2.4 in both greenfield and brownfield.  The migration from vDS to NVDS was not difficult.  One extra step i took for network isolation was to create a VLAN TZ and migrated my VMK traffic there.  Appears to be working great thus far.

    ------------------------------
    Paul Bryant
    Architect
    Fort Worth,TX
    ------------------------------



  • 5.  RE: vDS+N-VDS vs All N-VDS for NSX-T

    Posted 04-15-2019 11:40 AM
    N-VDS only is cleaner. I see no reason in a greenfield deployment to have mixture of N-VDS and vDS.

    ------------------------------
    Rutger Blom
    Consultant
    Proact IT Sweden AB
    Malmö
    ------------------------------



  • 6.  RE: vDS+N-VDS vs All N-VDS for NSX-T

    Posted 04-16-2019 11:47 AM
    Hi,

    Well that depends - always differentiate this application of VDS or N-VDS for compute/mgmt/Edge. And 2 pNIC vs 4 pNIC. Typically,  Edge VM it strongly preferred on VDS - this assumes either you have dedicated edge hosts (typically start with 2 and can go higher based on your need - average is 4 hosts) or the host has 4 pNICs - 2 for mgmt/vc/storage/mgt and other 2 for for compute). However if you have very small foot print e.g. 4 nodes - you do not have a choice but to put Edge VM on N-VDS.  I talk about this in my VMworld session last year. NET1562 or part-1 and part-2

    - Nimish

    ------------------------------
    NImish Desai
    Director
    Vmware Inc
    Apex NC
    ------------------------------



  • 7.  RE: vDS+N-VDS vs All N-VDS for NSX-T

    Posted 07-20-2019 05:52 PM
    Nimish Desai's sessions are always 5-Star rated views! Best place to get Best Practices on deploying NSX-T.

    ------------------------------
    Paul Mancuso
    Product Manager
    VMware
    Palo Alto CA
    ------------------------------



  • 8.  RE: vDS+N-VDS vs All N-VDS for NSX-T

    Posted 07-25-2019 11:35 AM
    Both option are orthogonal.  The key is to remember what are you mixing - compute/Edge, Mgmt/Edge, Egde only.  All things 2 pNICs. I prefer not mix compute/edge (unless less then 2 rack case to justify cost).  If see my response below needs refinement - if you are mixing Edge VM with Compute - from the traffic troubleshooting view point and not mixing infra-traffic (mgm, vsan, vmotion) one can put Edge-VM with compute guest so you know where your traffic is going. However, traffic contention view point in 2 pNIC 10G design one has to make choice - what is important - application traffic contenting with Edge traffic or Infra (specially VSAN). If the VSAN is not super chatty (unbalanced or heavy writes) you can get away with contention with VLAN pinning and NIOC. With 4 pNIC design your question has better answer. For reducing risk on "what's unknown on infra-traffic" go with VDS and N-VDS (for all things). For VSAN that is localized to rack does not matter both N-VDS is fine. We will have updated design guide that talk about this with most combination - waiting for internal review and 2.5 release update. Before VMworld. :)

    ------------------------------
    NImish Desai
    Director
    Vmware Inc
    Apex NC
    ------------------------------