NSX Components

NSX components consists of
  • Management Plane
  • Control Plane
  • Data Plane










NSX Management Plane:

  • The NSX management plane is based on the NSX Manager.
  • This is a virtual appliance (deployed as a standard OVF template on an ESXi host – recommended using the Management Cluster) pointed to vCenter (1:1 relationship till version 6.1.x)
  • NSX Manager is responsible for controlling and managing the whole virtual network byCentralizing network management.
  • NSX can be configured through the vSphere Web Client, a command line interface (CLI), and REST API.
  • Providing REST APIs for creating, configuring and monitoring NSX components such as logical switches or edge services gateways. 

NSX Control Plane:

  • The NSX control plane is based on NSX Controller cluster.
  • NSX Controller is also a virtual appliance (must be deployed in a three-node cluster for high availability & scale) that is responsible for managing the distributed switching & routing modules in ESXi hosts.
  • The controller does not have any data plane traffic passing through it.
  • The NSX controller is the central control point for all logical switches within a network & maintains information of all virtual machines, hosts, logical switches & VXLANs.
NSX Data Plane:
The NSX data plane consists of NSX vSwitch = vSphere Distributed Switch (VDS) + Kernel modules (such as VXLAN, Distributed Logical Router or Firewall)
  • NSX vSwitch provides access-level switching in ESXi host.
  • NSX logical router provides L2 bridging from the logical networking space (VXLAN) to the physical network (VLAN).
  • NSX Edge gateway provides common gateway services such as dynamic routing, perimeter firewall, DHCP, VPN, NAT & Load Balancing.
NSX Services:
  • Logical Switches – Distributed switches that can span vSphere clusters. Each logical switch is mapped to a unique VXLAN & also can be extended to a physical device using an L2 bridge.
  • Logical Routers
  • Logical Firewall – Hypervisor kernel-embedded firewall.
  • Logical VPNs
  • Logical Load Balancer
  • Service Composer – Grouping & mapping services to applications
  • NSX Extensibility – Integration with 3rd-party solutions (PaloAlto, TrendMicro etc.)