Virtual Kim

@Kim_Bottu … Virtually Gung Ho

VMware NSX Exploration Days

Some weeks ago Rich, the Staff Systems Engineer responsible for maintaining technical contact between the company I work for and VMware asked me if I would be interested in attending the NSX Exploration days, a two day event where the official 5 day ‘NSX Install Configure and Manage’ (kinda) gets crammed into a two day event. Now you have to know that NSX has been on my radar for the last year so, and I have been bugging my manager about it at least once a week (resulting in the manager banning me from mentioning NSX until  August 25, 2016… Not that it works) there was only one answer: ‘Hell yeah! Beam me up Scotty! Where do I sign up?’

Before I continue I want to express my gratitude to Rich and VMware Belgium for giving me the opportunity to participate in this wonderful event. So thank you very much, Rich and VMware Belgium!


First some obligatory bad news:

  • This course does not qualify you to take the certification exam and does not go in on the security configuration in NSX.
  • This event does not explain the advanced security features in the lecture but if you want to know more about those, you can do the advanced lab sections which are available.

But that is all the bad news there is, really!

Why you should attend

Now let me tell you why I think this event is a godsend:

  1. The presenter who delivers the course is a technical guy. He is not only extremely knowledgeable but he also avoids all the marketing talk! You might want to read that sentence again.. no marketing talk because this is a technical session.
  2. It is a two day event where they try to give you the knowledge of the Install Configure and Manage course in exactly 2 days. If you, like me, have a problem with keeping your attention in ICM courses because the pace in an official Install Configure and Manage course is too slow.. this is the course for you!
  3. The course is free of charge! You have read that right! It is completely free!
  4. The presenter mentioned that because they expect all the attendants to be higher skilled (Oops.. I am not Networking trained) the course reflects that and is on a higher skill level than the Install Configure and Manage course.
  5. This course has its own lab. So if you need more practical training after HOL or ICM, this is as good a place as any to get more hands-on training. This lab is available for a couple of days and evenings so in the evenings you can play around in it as well.
  6. The group of attendants is small. This is not a mass event where you can hardly ask questions. Opportunities to as questions are there in abundance.

So there you have 6 good reasons why it might be good to take up the offer of attending the NSX Exploration days when your VMware representative asks you if you are interested.


So what is day one all about?

Day one focuses on the the basics of NSX.

  1. What are the origins? – Nicira
  2. What is NSX
  3. What is VXLAN
  4. What is the difference between Cisco’s vision and VMware’s NSX vision
  5. Why does Cisco still use Multicast Mode while VMware and its partners have started using Extended VXLAN (Unicast)
  6. Why does VMware recommend Hybrid Mode
    • I suggest reading the NSX Design Guide on pages 29 – 30 to know more about this. Basically it provides the benefits of Multicast in a Unicast model.
  7. How does NSX seperate the management layers from the control plane and data plane.
  8. What is the OVSDB and what is its importance to NSX?
    • Extended VXLAN which is supported by VMware NSX, supports Unicast Mode, QOS and allows us to use the OVSDB –RFC7047– The Open vSwitch Database Management Protocol. This is the part that allows us to use the central management component on NSX – the NSX manager- and in turn allows us to separate the management plane from the control plane -NSX Controllers- and data plane.
  9. What is leaf and spine networking and what are its advantages compared to a campus model?
  10. What are the Transport Zone, Logical Switch and Logical Router?
  11. The last 3 hours of the day were spend on exercises.


Day two focuses more on the advanced networking features

  1. Distributed Firewall (micro segmentation!)
  2. Logical Load Balancing. have a look here:  The NSX Logical Load Balancer
  3. Advanced Load balancing
  4. VPN use cases. Have a look here: NSX VPN Use Cases
  5. A lot of attention is given to the difference of between the Distributed Firewall and the Edge functionalities.
  6. A lot of attention is given to the difference of between the Distributed Logical Router (East – West communication)  and the Edge Router function (North – South communication).
  7. Monitoring using Netflow,  VROPS and Log Insight.
  8. The last 3 hours of the day were again spend on exercises.



For someone with almost no networking background day one was a walk in the park. Mostly because I have read up a lot about NSX and have taken my VCA-NX some months ago. Day two however was a lot to take in. I never in my life had to deal with F5’s, Nexus switches, catalyst switches or anything of that.

Next to me on day one some networking people really had a harder time getting familiar with the concepts and clearly struggled to let go of all the Cisco way of doing things but really had a day of relief with day two. Day two represented a familiar environment for them: Load balancing, routing and Firewalls were very recognizable items to them and they did not really have problems with the concepts how NSX tries to change the whole network topology and workings. At day two some of them really could see the benefit of NSX.

So after all the hype (for me), do I think NSX is worth investing time in? Yes. NSX bridges a gap where networking and Security can be automated, where workflows and templates can be re-used and precious time can be saved. In the days where cloud providers are trying to convince IT management that they are better than local IT (SLA, CAPEX and even OPEX), NSX can aid also the local IT teams giving them an opportunity to shorten the time to provide a solution to the business they serve. No one is as fast as local IT with the right team and the right tools so the local IT teams should push those boundaries. NSX will  just be another tool in the toolbox.

Will NSX and automation steal jobs? Not if you implement it with respect for your colleagues and make the existing teams responsible for managing the new solution. NSX should be managed by networking and security teams primarily, people will have to be retrained to operate, mange and troubleshoot these new  NSX toolset. NSX also offers transparency in the stack, virtual as well as physical. So the blame game (Who cused the error, server team, networking team or security) is gone in NSX, transparency in networking shows where the error happens and the team responsible for the error will have to admit and rectify.

So what about the Cisco vs NSX story?  Well it is probably clear I am siding with NSX on this. I truely think NSX offers the better solution. But in the end you as a customer will have to weight the pros and cons for yourself. Be honest with yourself.. Are you making a choice ‘based on existing investments (CAPEX)’ or ‘based on the existing operational teams and their tasks’ or ‘the solution you need’? Before you answer keep the future in mind in let’s say 2 to 3 years from now. I am quite sure that at least 70% of you will say that NSX offers the best solution.. the question is then, are you willing t make all those needed changes for NSX?




Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


This entry was posted on November 25, 2015 by in NSX, NSX Exploration Days, Uncategorized and tagged , .
Follow Virtual Kim on

Blog Stats

  • 27,573 hits
%d bloggers like this: