VMware NSX T Flooding

Rashmi Bhardwaj | Blog,Cloud & Virtualization

In the age of digital transformation, organizations focus on building custom business applications to support their core business and reach the market faster than their competitors. The speed at which development teams deliver new applications and capabilities has brought cloud-centric architecture into focus, along with increasing pressure on security. VMware NSX is a technology architecture solution that provides ease and speed of deployment for business applications in cloud-centric environments.

In today’s topic we will learn about VMware NSX T Flooding, its types and why it is needed. 

NSX T Flooding 

In today’s topic we will discuss traffic flooding issues in NSX-T devices. An NSX-T segment is like a local area network (LAN): it can flood traffic to all devices attached to the segment. This is a layer 2 capability. NSX-T does not differentiate between the types of frames being replicated to multiple destinations.


Broadcast, unknown unicast and multicast (BUM) traffic are all flooded in the same manner across network segments.

A logical switch is a broadcast domain that can span multiple hypervisors used for compute. VMs in the same subnet can connect to the same logical switch.


In the overlay model, different NSX-T components orchestrate replication of a frame to be flooded on a network segment. 

Each host transport node is a tunnel endpoint with an IP address. These IP addresses can be in the same IP subnet or in different subnets, depending on the IP pool configuration or DHCP used for the transport nodes. When two VMs on different hosts communicate directly, unicast-encapsulated traffic is exchanged between the two tunnel endpoint IP addresses without any need for flooding. However, sometimes traffic originated by a VM needs to be flooded, or sent to all other VMs on other hosts that belong to the same logical switch. This is the typical case of layer 2 broadcast, unknown unicast or multicast traffic.

Types of NSX T Flooding

There are two types of flooding provided by NSX-T for traffic.

Head (Source) Replication Mode

It is also known as head-end replication; there are no replicators. The source creates a copy of each BUM frame for each tunnel endpoint it knows about and sends it. If all the host tunnel endpoints are on the same subnet, the choice of replication mode makes no difference, as the behaviour does not change. If the host tunnel endpoints are on different subnets, hierarchical two-tier replication helps to distribute the load among several hosts.

Hierarchical two tier (MTEP) Replication Mode

This is the default replication mode. In this mode, the transport node where the frame to be flooded originates sends a copy to each other transport node that is connected to the same segment. This mode is similar to unicast in NSX-V.

When all VTEP IP addresses are on the same subnet in the underlay physical network (L2), the BUM traffic is replicated to all ESX hosts that are members of the N-VDS (logical VNI switch).

For unknown unicast, ESX asks the controller about the MAC address while forwarding the packet to other hosts, which is similar to broadcast or multicast traffic. MAC address learning does add some overhead in terms of replication, but it is useful in the rare case where the controllers are not available.

This replication mode is recommended because it optimizes CPU usage and reduces unnecessary replication of BUM traffic. It also makes better use of physical uplink bandwidth than head replication mode.
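The following added example (not part of the original article and not VMware code) counts the copies each mode produces, to illustrate the same-subnet and uplink-bandwidth remarks above. It assumes the two-tier behaviour in which the source sends one copy to each TEP in its own subnet and one copy to a single proxy TEP (MTEP) per remote subnet, which re-replicates locally; the TEP addresses, the /24 grouping and the lowest-address proxy choice are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample: eight TEPs in three /24 subnets; SRC originates the BUM frame.
TEPS = ["10.0.1.11", "10.0.1.12", "10.0.1.13",
        "10.0.2.21", "10.0.2.22", "10.0.2.23",
        "10.0.3.31", "10.0.3.32"]
SRC = "10.0.1.11"

def subnet(ip, prefix_len=24):
    return ipaddress.ip_network(f"{ip}/{prefix_len}", strict=False)

def head_replication(source, teps):
    """Source sends one unicast-encapsulated copy to every other TEP."""
    return {source: [t for t in teps if t != source]}

def two_tier_replication(source, teps, prefix_len=24):
    """Source copies to its own subnet plus one proxy per remote subnet;
    each proxy then replicates to the remaining TEPs of its subnet."""
    groups = defaultdict(list)
    for tep in teps:
        groups[subnet(tep, prefix_len)].append(tep)
    plan = {source: []}
    for net, members in groups.items():
        if net == subnet(source, prefix_len):
            plan[source] += [t for t in members if t != source]
            continue
        # Assumption: lowest address acts as proxy (real selection may differ).
        proxy = min(members, key=ipaddress.ip_address)
        plan[source].append(proxy)
        rest = [t for t in members if t != proxy]
        if rest:
            plan[proxy] = rest
    return plan

def routed_copies(plan, prefix_len=24):
    """Copies that cross a subnet boundary in the underlay."""
    return sum(subnet(s, prefix_len) != subnet(r, prefix_len)
               for s, receivers in plan.items() for r in receivers)

if __name__ == "__main__":
    for name, plan in (("head", head_replication(SRC, TEPS)),
                       ("two-tier", two_tier_replication(SRC, TEPS))):
        print(f"{name}: source sends {len(plan[SRC])} copies, "
              f"{routed_copies(plan)} cross subnets")
```

Every TEP still receives exactly one copy in both modes; what changes is how many of them the source's uplink and the routed underlay have to carry.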
