NSX 4.0 Release Notes – Simple Digest

 
Important Updates
 

Name Change:

  • Starting from 4.0 name has been changed from “NSX-T Datacenter” to just “NSX“. In my personal opinion it makes sense to make it look simple

Stateful Active-Active Edge Services:

  • This is my favorite out of other features introduced.
  • Through this features now we can run stateful services(firewall, NAT, etc.) NSX Tier-0 an Tier-1 gateways.
  • Earlier to this feature we had to choose either ECMP or Active-Standby Gateways with stateful services. Because If we run stateful services in ECMP mode will cause asymmetric routing causing dropping connection.
  • Through this mode we can run ECMP along with stateful services there by achieving more throughput through ECMP and running stateful services at the same time. 

Multi Tenancy:

  • Multi-Tenancy provides ability to create different projects and assign privileges to certain users to manage their assigned projects themselves. It provides isolation between projects/tenants and there by providing new manageability options.
  • NSX administrator can view all projects
  • Org Admin & Project Admin – Two new roles added.
  • Only supported through API at the moment

SmartNICs:

  • NSX now offering support for Data Processing Units (DPUs), this will offload various NSX functionalities offering accelerated network performance.
  • This feature has some long way in providing superior performance at different levels.

vSphere UI Integration:

  • NSX is now providing some minimal integration with vSphere UI – NSX Clustering, Events, NSX registration option, Backup and Restore options added.

Security:

  • New feature introduced to block “Malicious IPs” in distributed firewall level. These malicious IPs will be provided by VMware Contexa and will be automatically updated. This is good to have feature to automatically protect workloads from harmful sources from Internet.

IPv6:

  • There are ton of IPv6 updates in this release. NSX Management plane can communicate with external systems (UI, API, vCenter, DNS, NTP, etc.) through IPv6 address. I will support dual stack (IPv4 and IPv6) at the same time.
  •  Now supports IPv6 – Syslog, SNMP, SSH, SFTP, Cluster VIP, Telemetry

Features Deprecated:

  • Early indicator – NSX built-in “Load Balancer” to which VMware stopped feature enhancements is not deprecated and customers using NSX built-in load balancers are advised to move to NSX Advanced Load Balancer (AVI). customer will be provided with AVI basic licenses free of cost and AVI basic will have feature parity with NSX built-in load balancer. Customer should purchase AVI Enterprise license in case of advanced use cases.
  • Support for non-VIO OpenStack and KVM. So KVM is no longer supported, if it is VIO it will be supported.
  • N-VDS virtual switch on ESXi hosts will no longer be supported. customers need to migrate to NSX integrated VDS.

Related Posts

Scroll to Top