[Whitepaper] 7 Reasons Why Micro-segmentation is Powerful to Have and Painless to Add
Like any industry transition, software-defined storage will take several years to be fully realized. But even at this early stage, the “genetic code” behind this new approach to storage is becoming better understood. While we will certainly see variations on a core theme, the essence behind software-defined storage serves to differentiate it from other forms. As software-defined storage grows and matures, this blueprint has the ability to change how we think about storage: both as a standalone discipline and as part of an integrated software-defined data center.
VMware Social Media Advocacy
So I have just finished a week in Munich on an internal NSX design & deploy course which had some great content. I have made a few notes and wanted to very briefly blog those, mainly for my benefit but also in the hope they may be useful or interesting to others as well.
In no particular order:
- vSphere 5.5 – When upgrading the vDS from 5.1 to 5.5, you need to upgrade the vDS to Advanced mode after you do the vDS upgrade. This enables features such as LACP and NIOC v3, and is a requirement for NSX to function correctly.
- When considering Multicast mode with VTEPs in different subnets, be aware that PIM is not included in the Cisco standard licence and requires the advanced licence! PIM is a requirement when using multiple VTEPs in different subnets.
- When using dynamic routing with an HA-enabled DLR, the total failover time could be up to 120 seconds.
- Consider setting a static route (summary route) with the correct weight, which is lower than the dynamic route, so traffic isn’t disrupted during DLR failover.
- Using different subnets for virtual and physical workloads lets you have one summary route for the virtual world (for the above event; this is likely not possible in a brownfield deployment).
- Note that during a DLR failover the DLR loses its routing adjacency, so the upstream routing table entry is removed for that period and the route is lost. This could be avoided by increasing the OSPF timers upstream so they won’t lose the route.
- If you fail to spread the transport zones across all the applicable hosts that are part of the same vDS, the port groups will exist but won’t be able to communicate (no traffic will flow if someone accidentally selects that port group).
Part two coming soon!