Awsome explanation, i am working on a presentation for NSX for last one month and this particular explanation you gave was just the one i needed. Thanks a lot Jody.!! Also i have a question ! As you said for DR and active/active DC , will the traffic go through the tunnel already in the network or will NSX create an IPsec for this ??
Sorry, didn't monitor comments. Heck I didn't even think anyone would watch :). Traffic with go through the VXLAN tunnel. There is no security aspect as part of the VXLAN RFC. However, if the traffic is already encrypted, then that same encrypted packet (SSL for example) will simply be encapsulated (now it's a VXLAN encapsulated SSL packet) and sent between DCs retaining it's own security properties. So VXLAN neither adds nor eliminates any security posture.
I'm new to this. It sounds to me that a port group is an actual switch/bridge and a DS is a network/segment of those port-groups (switches).
very nice
Hello Sir, need urgent help!! My question is, Can we create policy-based routing in NSX v for PAN VM?
Awsome explanation, i am working on a presentation for NSX for last one month and this particular explanation you gave was just the one i needed. Thanks a lot Jody.!! Also i have a question ! As you said for DR and active/active DC , will the traffic go through the tunnel already in the network or will NSX create an IPsec for this ??
Sorry, didn't monitor comments. Heck I didn't even think anyone would watch :). Traffic with go through the VXLAN tunnel. There is no security aspect as part of the VXLAN RFC. However, if the traffic is already encrypted, then that same encrypted packet (SSL for example) will simply be encapsulated (now it's a VXLAN encapsulated SSL packet) and sent between DCs retaining it's own security properties. So VXLAN neither adds nor eliminates any security posture.
Now i'm much more clear on VMware NSX.