SDN: VMware NSX (Part 1)

In June 2014 me and my cloudfix co-bloggers attended a seminar about network virtualisation in general and VMware NSX specifically. The seminar also contained a deep-dive into the details of VMware NSX. This deep-dive triggered us to do a blog post series on network virtualisation in general and VMware NSX in detail.

This first article in the series will talk about the VMware NSX globally after which the following will start deep-diving into the specifics about this solutions. I hope you find the series useful in understanding what the VMware NSX solution can do for your organization.


VMworld, here we come!

The moment is getting closer and closer, Niels & Robert are attending VMworld Barcelona 2014 (13-16 oct.)! We’re really looking forward to meeting all you vRockstars in person and learn everything there is to know about the new features vendors like PernixData, Nutanix, Cisco and ofcourse VMware  are presenting on VMworld Europe and provide you with this information on our blog.


In this article we’ll give a short overview of sessions we think everybody should attend and why.

Convert Cisco 1000v from standalone to HA set-up

Recently, working on a customer environment, I discovered that their current Cisco 1000v implementation was not redundant. We quickly decided to convert the standalone setup to a HA-setup. This article shows how this can easily be done.

Cisco Logo

The current setup was a Cisco 1000v VSM (Virtual Supervisor Module) in L2 Control mode, but the same procedure can be applied to a Cisco 1000v in L3 Control mode.

DMVPN Single-Hub Configuration

As I’m currently preparing for Cisco CCIE R&S Written exam I’d like to share some information on the subject of DMVPN (Dynamic Multipoint Virtual Private Network) as this is one of the new topics added to the Cisco CCIE R&S blueprint (on the written and lab exams). You only have to know about the single-hub toplogy, but it’s also not very difficult to do a dual-hub dual-cloud topology.

What is DMVPN?

DMVPN is a VPN which uses dynamic tunnels, this means that on the hub only 1 tunnel is needed to connect all the different spokes to the hub (so no more configuring an IPSEC-tunnel for each site you want to connect). It even automatically forms spoke-to-spoke tunnels on demand, so spoke-to-spoke traffic does not need traverse the hub. Another advantage in my opinion that it is very easy to setup and a very stable solution.

DMVPN is based on:

  • mGRE (Multipoint Generic Routing Encapsulation)
  • NHRP (Next Hop Resolution Protocol)
  • a Dynamic Routing Protocol (EIGRP, OSPF, BGP)
  • IPSEC (optional)