Musings from the Cold Aisle
cchai , Regular Visitor
Musings from the Cold Aisle
The Definitive Guide to NSX Gateway Uses Cases
Aug 26, 2013

This week at VMworld San Francisco, We will be hearing about new products, new technologies, new features, new demos, new partnerships, and yes, even new cured meat options for breakfast!  Even with all that yummy goodness, three letters will rise above the rest: N-S-X (as in VMware NSX).

 

Juniper is an NSX development partner and will be talking about NSX support across different products in our portfolio.  One term that you’ll see a lot is “NSX Gateway”.  For Juniper, this shows up in our routers and switches that will deliver capabilities across two categories: NSX L2 gateway services and VXLAN routing.  What makes this notable is the level of flexibility users can enjoy as they implement and migrate to their NSX environment. Lets examine these capabilities, and where we see each potentially being used:

 

L2.png

Use case #1: Virtual network to bare metal server connectivity

Capability: VMware NSX L2 gateway services on the access switch

Anywhere from 40-60% of servers today are virtualized (depending on how aggressive you want to be). And while this number is on a definite upward trend, there remain applications that still sit on non-virtualized servers.  There could be many reasons for this – the application might be tied to specific hardware or driver requirements, or it might have strict, SLA-driven performance requirements, or it may be a data set that sits on non-virtualized IP-based storage, or there might be legacy servers that simply don’t have the horsepower to spin into VMs.  Either way, if these applications ever need to talk to applications on a VM (likely), there needs to be a bridge.  This is where this capability on the access (top of rack) switch makes sense.

 

Use case #2:  Connecting virtualized and non-virtualized data centers

Capability: VMware NSX L2 gateway services on core switch or edge router

This is an extension of the first use case.  Many customers we’ve talked to segment their physical data centers from their virtual ones.  If a workload needs to traverse the two, delivering the gateway capabilities at the core switch or edge router is the best deployment option.

 

Use case #3: Delivering shared physical network resources to different virtual networks

Capability: VMware NSX L2 gateway services on edge router

For an ITaaS or any XaaS environment, keeping your tenants separate is paramount to optimizing utilization and capex investments.  In many cases, different tenants are accessing shared physical resources, but into their own virtual domains.  A L2 gateway at the core switch or edge router is the ideal demarcation point to be able to separate requests from individual users into each virtual domain.

 

L3.pngUse case #4: VXLAN stretch across physical data centers

Capability: VXLAN Routing on core switch or edge router

VM and workload mobility has a plethora of benefits, but doing this across distance has proven to be a challenge, most often from a performance perspective.  In environments designed for business continuity, disaster preparedness and recovery, workload mobility across the WAN only occurs in very specific windows for upgrades and other maintenance.  Even so, it’s an important requirement to be able to connect these workloads and at a certain point, the traffic needs to be routed.  Specifically, the edge device needs to be able to de-encapsulate the VXLAN protocol, route that traffic across the WAN (using whatever routing encapsulation desired, MPLS, VPLS, eVPN, etc.) to the other end, where it can be re-encapsulated back to VXLAN.  This capability needs to exist on the edge router.

 

Use case #5: Inter-data center and intra-data center VXLAN routing

Capability: VXLAN Routing on core switch or edge router

This use case can be deployed in a couple of different ways, but the prime capability remains the same – connecting multiple (different) VXLAN networks on a single infrastructure.  L3 segmentation is a common way to do this in a traditional (non-virtualized) data center, and it’s no different in the virtual world.  Keeping VXLAN network A and VXLAN network B separate but within routable subnets for shared services is an important reason to extend VXLAN routing support to the core switch or edge router.

 

I’ve covered the five most common use cases that we see with our customers.  There are likely more out there today, and even more to come.  But regardless of what’s in your data center and what you’re trying to do with it, if VMware NSX is part of that picture, we would love to hear from you. Juniper is a platinum sponsor at VMworld this year, so we will be easy to find.  Stop by our booth (#1613) where we will be demonstrating these use cases (and many more).  You’ll also be able to speak to an expert at our “node bar” about how to make all this a reality, and who knows, maybe even sample a yummy little surprise that sizzles.  We hope to see you there.