New Content: VMware NSX-T 3.0 Update

When VMware NSX-T 3.0 came out, I planned to do an update session of the VMware NSX Technical Deep Dive webinar along the lines of what I did for AWS Networking a few weeks ago. However, it turned out that most of the new features didn’t take more than a bullet or two on an existing slide, or at most a new slide.

Covering them in a live session and then slicing-and-dicing the resulting recording simply didn’t make sense, so I updated the videos in summer 2020 (the last batch was published in early August).

Features covered in updated videos include:

  • Changes to Data Center and Enterprise Plus licenses
  • NSX-T support on VDS 7.0
  • Custom MAC limit per VNI
  • Windows 2016 Bare Metal server (+ RHEL 7.6 and 7.7)
  • AMD EPYC support for NSX Edge nodes
  • NAT64 and DHCPv6, IPv6 load balancing
  • Rate limit on Tier-1 uplink
  • Lower BFD timers
  • Time-based scheduling of firewall rules
  • E-W service chaining at the edge
  • New Edge XL platform
  • Local egress for L2VPN
  • L2VPN on Tier-1 gateway
  • PMTUD discovery for L2VPN
  • Stateful VPN failover on NSX Edge node failure
I’m positive there was a huge amount of effort behind some of these features, it’s just that there’s not much to say about them. Take NSX-T on VDS 7.0 as an example. I could go into the nitty gritty details (which I could cynically summarize as “too much third-party **** was borked, so we gave up”), but from a bit further away it boils down to “it works, use it, but only with vSphere 7”.

That left what I considered to be major features: VRF-Lite and EVPN, IP Multicast, Distributed IDS, and NSX-T Federation. Some of these features were a bit under-documented, so I decided to wait until after VMworld 2020 to develop the update materials.

Another aside: kudos to whoever wrote IP Multicast documentation. Concise, precise, and very pleasant to read.

I finally collected enough information in mid-October, but then it turned out that most of the new stuff doesn’t take more than 10-15 minutes… yet again not warranting a live update session, so I just recorded short videos and published them.

The only new feature left was NSX-T federation. NSX-T 3.0 release notes claimed it was not production ready, so I decided to postpone any related work, but of course a few days after I made that decision VMware released NSX-T 3.1 with improved federation support. The current plan is to have an NSX-T Federation update sometime during the winter. In the meantime, you can get an overview of what it’s all about in a video I recorded when updating the VMware NSX, Cisco ACI, or EVPN webinar.

Add comment