Yearly Archives: 2016

301
1

NSX-V SpoofGuard via API

SpoofGuard is a feature of NSX that provides administrative control of IP and Mac address assignment for VM’s. The two benefits of Spoofguard are to (1) control virtual machine access to virtual network switches, and (2) protect against unauthorized IP address and MAC address changes by virtual machine OS administrators and users.

Like other capabilities of NSX, SpoofGuard administrative control can be accessed via the NSX API…

Read More
101
1

Jumbo Frames and Network Virtualization Overlay Networks

In data networking, the standard Maximum Transmission Unit (MTU) for IP frames is 1500 Bytes. Jumbo Frames are MTU’s larger than 1500 Bytes although when we reference Jumbo Frames, we are normally referencing a Frame with an MTU of 9000 Bytes.

Network Virtualization and the addition of an overlay (encapsulation) networking technology (VXLAN, STT, GRE, Geneve) to the data center requires some consideration as to what MTU to use due to the overhead of overlay transport technologies.

VMware NSX using the overlay technology VXLAN requires an MTU of 100 bytes greater than the networks used for Virtual Machines – In a traditional data center using a 1500 byte MTU for virtual machines, this would require the use of a 1600 Byte MTU for the L2 or L3 network(s) associated with the overlay or NSX Transport network…

Read More
201
0

RFC 6598 – IANA Reserved Address Space 100.64.0.0/10

Just a quick post to make reference to RFC 6598 and the IANA reserved address space 100.64.0.0/10 which spans 100.64.0.0 – 100.127.255.255.

https://tools.ietf.org/html/rfc6598

As detailed in the RFC description, it is intended for use on Service Provider networks however, it may be used in a manner similar to RFC 1918 private address space on routing equipment that is able to do address translation across router interfaces when the addresses are identical on two different interfaces.

From an NSX perspective, optimal use case is between a NSX Distributed Logical Router (NSX Tier-1 Router) and Edge Router (NSX Tier-0 Router). All good!

Read More
Geeking Out
0

STT Review

Network virtualization uses an encapsulation technology for the overlay network. Common encapsulation technologies include GRE, VXLAN, STT, and a promising new technology called Geneve.

Today, we will focus on Stateless Transport Tunnel (STT) and some of the benefits over GRE and VXLAN….

Read More
Geeking Out
0

Intel® DPDK Review

With the growth of network virtualization, it’s time to take a look back at Intel Data Plane Development Kit (DPDK). DPDK provides optimized Packet Processing on Intel® Architectures.

The following homepage and document from Intel® details DPDK capabilities…

http://www.intel.com/go/dpdk

http://www.intel.com/content/dam/www/public/us/en/documents/presentation/dpdk-packet-processing-ia-overview-presentation.pdf

Read More