The NSX-T transport zone defines the boundary for the transport nodes and VMs that can participate in the use of a particular network. A transport zone does this by limiting the hosts that can see a logical switch and VM’s can be attached to the logical switch. Segments aka Logical switches can only be part of a single transport zone but transport nodes (ESXi, KVM and NSX Edge) can span across one or more transport zones.
NSX-T Data Center does not allow the connection of VMs that are in different transport zones in the Layer 2 network. The span of a logical switch is limited to a transport zone, so virtual machines in different transport zones cannot be on the same Layer 2 network.
Types of NSX-T Transport Zone
There are two types of NSX-T Transport Zones in NSX-T. Overlay Transport Zone and VLAN Transport Zones. Let’s talk about both in details
Overlay Transport Zone – Used as the internal tunnel between transport nodes. This transport zone carries GENEVE-encapsulated traffic. GENEVE is the overlay protocol used in NSX-T. NSX-V uses VXLAN as an overlay protocol. The overlay transport zone can be used by both transport nodes such as hypervisors and NSX Edges. When an ESXi host or edge transport node is added to the overlay transport zone, an N-VDS will be installed on the hosts or NSX Edge.
VLAN Transport Zone – Used by the NSX edge and host transport nodes for its VLAN based uplinks. It can carry 802.1Q tagged traffic. When transport nodes such as Edge or Hypervisors added to a VLAN transport zone, a VLAN N-VDS will be installed on the hypervisor hosts or NSX Edge.
What is N-VDS?
AN N-VDS is a software logical switch similar to the vSphere distributed switch in NSX-V. It provides the forwarding service on the transport nodes. A- NVDS is create and distributed across hypervisor (ESXi and KVM) and NSX Edge transport nodes. N-VDS provides uplinks for host connectivity to the physical switches. When the ESXi host is prepared for NSX-T as a transport node, an N-VDS is created on the hosts.
Unlike vDS in NSX-V, the N-VDS switch is independent of the vCenter server and it is seen as an opaque switch by vCenter server. N-VDS can co-exist with vSphere standard and distributed switches. N-VDS performs layer 2 forwarding and supports VLAN, port mirroring, NIC teaming and Link aggregation (LACP) groups are implemented as ports.
How does the Transport Zone and N-VDS are linked?
When we create the transport zone, we have to specify the N-VDS name. So the transport zone is mapped to an N-VDS switch. Transport nodes such as ESXi and KVM use this N-VDS to connect to the transport zone. You can use the same N-VDS to link to multiple transport zones. I.e Single N-VDS can carry the traffic of both the Overlay transport zone and the VLAN transport zone.
How to Create the NSX-T Transport Zone?
To create the NSX-T Transport zone, log in with admin privileges to NSX Manager at https://<nsxt-manager-hostname or ip-address>. Go to System >Fabric -> Transport Zones -> “+ADD”
Enter in the following details in the New Transport Zone wizard:
- Name Name of the Transport Zone. Name the transport name in an understandable way so that we can identify the type of transport zone from the name. In my example, I am creating an Overlay transport zone. So I named as “TZ-Overlay”. You can name the transport zone as per your organization’s naming standards.
- Description: Enter the description of the transport zone
- N-VDS Name: Specify the name for the N-VDS switch. If you are creating the transport zone, you have the specify the N-VDS name. So that Transport Zone will be mapped to the N-VDS
- Host Membership Criteria: Select Standard or Enhanced Datapath
- Standard: Supports all hypervisors hosts such as ESXi and KVM
- Enhanced Datapath: It is only supported for the ESXI hosts with Version 6.7 or above.
- Traffic Type: Select Overlay or VLAN
- Uplink Teaming Policy Names: <Optional>
Once all the details are specified in the “New Transport Zone” page, Click ADD to create the new NSX-T Transport Zone.
NSX-T Overlay Transport Zone called “TZ-Overlay” is created and it is associated with the N-VDS called “MD-NVDS-01”.
Let’s create another transport Zone for “VLAN Based Transport Zone”. Click “+ADD” under the Transport Zone. Specify the details the same as explained in the previous steps. In this example, I am using the same N-VDS switch called “MD-NVDS-01” to map it to this VLAN transport node. We can specify separate N-VDS or the same N-VDS to map it to the Transport zones.
Select Traffic type as “VLAN” to create the VLAN based Transport zone. Click “ADD”
We have created two transport zone one for Overlay traffic and the other one for VLAN traffic. In our example, both the transport zones are mapped to the same N-VDS called “MD-NVDS-01”. We should ensure that the Transport zone status should be “UP” after the deployment.
That’s it. we are done with creating the NSX-T transport zones for Overlay and VLAN based traffic. In the upcoming posts, we will discuss in detail about preparing the ESXi hosts as transport nodes and how to link the transport nodes with the transport zone. I hope this article is informative for you. Thanks for Reading!!!. Be social and share it in social media, if you feel worth sharing it.