This article is number two of a series about the upcoming network virtualization spree, specifically the one coming from VMware. Check out the first article in this series, ‘Introduction to VMware NSX.

VMware NSX – Distributed Services

Traditional network services have evolved over the last years. Introducing more advanced firewalling, loadbalancing and remote access services. Typically, datacenter networks architecture these days look somewhat look this:

VMware-Traditional-Services-300x300.png

The routers can be virtualized inside a physical box, using either VRFs or vendor proprietary router virtual routers, such as Cisco VDC. However, the external and internal firewalls are usually separate monolithic hardware firewalls, which puts a large dent into the network budget.

As we move to a virtual-everything world, desktops and applications are hosted inside the datacenter more and more. The data traffic going east-west inside the datacenter is continuing to grow and is causing scalability issues on the central network services devices. Firewalls and load balancers need to be upgraded (in-place) to keep up and are bleeding the network budget.

With VMware NSX, the physical load balancers and internal firewalls will turn virtual. This will increase the scalability of your internal services enormously; every VM will have it’s own firewall instance (embedded in the ESXi kernel) and you’ll have a load balancer service per application. Here’s how the next step in virtualization will look like:

VMware-Distributed-Services.png

The possibilities are limitless. There will be a world where you can build a datacenter network with a single pair of proper core switches, standard switches and the rest will be purely x86 servers. Here’s how I think the datacenter network will look in a few years when virtualization has really kicked in:

VMware-Virtual-Networking-Endstage.png

Check out these great vendors making some awesome announcements about NSX integration:

 

paloalto-150x105.pngjuniper.giff5-logo.png
catbird_logo.pngFortinet_Logo_PMS485-300x34.pnglogo-mcafee.png

 

There’s still a lot of ground to cover on NSX and you will find a lot of information here as I love this technology and love the possibilities it gives when designing datacenter architectures.

One thing that has set me off a little bit, is the fact that VMware is keeping NSX closely to their chest. Evaluations are currently not on the table and integration partners are excluded from implementation tracks and there is no way to get a hold of NSX but through VMware’s Professional Services. Maybe it’s the difficulty implementing NSX, maybe it’s VMware not being ready with NSX but feeling compelled to put it out at an early stage, who knows. All I know it’s very disappoint for those of us who want to turn NSX inside and out.

They say partners will start getting in the loop around Q3 2014, but I wish they’d move that timetable up a few quarters.

 


This article was written by Martijn Smit, Datacenter engineer at Imtech ICT. This article was republished from his blog with his permission

Also check out Martijn’s website Lostdomain.org.