Networking Enhancements in VMware Cloud Foundation 5.2

In this blog post:

  • New in VMware NSX 4.2.0
    • Easy adoption of virtual networking for workloads connected to legacy VLAN topologies
    • Improved network availability and performance with support for dual DPUs, IPv6 only management and control plane, and improved datapath observability
  • New in VMware Cloud Foundation Network Operations 6.13
    • Data Center Network Assessment Dashboard and Report for optimizing application performance
    • Enhanced Network Assurance and Verification for faster troubleshooting
  • New in VMware HCX Workload Migration & Mobility 4.10
    • Performance and scale improvements for faster large scale and large data volume migrations
    • Configurable high-performance encryption mode for fully private data center networks

Introduction

VMware Cloud Foundation (VCF) helps organizations modernize their infrastructure and enables a cloud operating model that provides the benefit of public cloud with the security and performance of on-premises private clouds.  VMware NSX 4.2.0, VMware Cloud Foundation Network Operations 6.13 (VMware Aria Operations for Networks), and VMware HCX 4.10 together – as part of VMware Cloud Foundation 5.2 Networking – offer scale, availability, visibility and Day 2 network operations for private clouds, accelerating network deployment, application discovery, and migration planning.

The latest networking and network operations capabilities in VMware Cloud Foundation 5.2 help users easily adopt virtual networking in their private cloud, optimize their network for better visibility, scale, and performance, and migrate workloads efficiently at scale.

Easy Adoption of Virtual Networking for Private Cloud (NSX 4.2.0)

VMware NSX network virtualization decouples networking services from the physical infrastructure to provide flexible workload placement, optimized resource utilization, and the ability to instantiate networks and tenants in minutes without the constraints of the physical infrastructure.

NSX now offers a new guided workflow to make it easier for you to transition from legacy VLAN topologies and adopt the full benefits of network virtualization for the private cloud without implementing wholesale changes to the network.

Figure 1. The new guided workflow for adopting network virtualization

The tool provides a step-by-step approach to move workloads to a virtualized network with validation before and after each step to ensure a smooth transition.  It helps you achieve a cloud operating model across all workloads with the adoption or expansion of VCF.  Other use cases include application modernization and deprecation of older assets and simplified Layer 2 over Layer 3 extension.

Enhanced Network Performance and Scale (NSX 4.2.0)

NSX 4.2.0 introduces several updates to the maximum scale and performance supported by NSX across the platform including NSX Federation, NSX Edge, and network management and operations.  Key enhancements include:

  • Enhanced NSX Manager scale – NSX Manager scale has been increased to support various updates to the maximum scale supported by NSX. Please refer to the VMware Configuration Maximums tool for details on the scale supported, and the NSX Installation Guide for details on installation steps.
  • IPv6-only access for management plane scale – NSX 4.2.0 introduces support for IPv6-only NSX Managers and Edge Nodes. Users will now be able to deploy and scale IPv6-only NSX infrastructure without IPv4 address limitations in the management and control planes.
  • Improved availability and throughput with dual DPUs in VCF 5.2 – NSX 4.2.0 supports dual DPUs (Data Processing Units) in both high availability configuration (Active / Standby) and high throughput configuration (Active / Active).
  • The NSX Edge Platform is enhanced to support higher throughput with the option to balance the traffic across multiple Tunnel End Points (TEPs) of an Edge Node (VM or Bare Metal) and improved visibility of the platform and the services running on top.

Please see the VMware Configuration Maximums tool for each update.

Comprehensive Network Assessment (VCF Network Operations 6.13)

Customers can use the new pre-deployment assessment dashboard and report in VCF Network Operations to understand their current network traffic and help facilitate the deployment of VMware NSX. Leveraging information from VMware vCenter, the assessment helps vCenter administrators understand how their network can benefit from VMware NSX. The dashboard supports data-driven decision-making and allows users to generate a Network Assessment and Optimization PDF report for management to identify areas where the network can be improved. Additionally, the assessment reports issues that could be resolved with a VMware NSX deployment and suggests ways to enhance application traffic by improving network performance.

A vCenter admin can quickly run this assessment with a single VCF Network Operations instance and one collector. To navigate there in the 6.13 release, a user can click on vCenter from the VCF Network Operations main dashboard. Then, the admin can select the vCenter IP address to view and receive assessment information. Enabling NetFlow/IPFIX on the vCenter VDS allows the dashboard to show the richer, new assessment information.

The dashboard shows total traffic, east-west traffic, and traffic categorized as routed, hair-pinned, switched, or other. There are also details on the top-talker virtual machines. Depending on the scenario, the assessment highlights areas where the network traffic pattern is inefficient and impacts overall application performance.

The dashboard and report also highlight where a VMware NSX deployment can help, for example with performance latency information. The dashboards also show how Layer 2 networks are interacting, show which network isolation techniques from Application Centric Networking with VMware NSX are missing without the VMware NSX Virtual Private Clouds (VPCs) capability, and include an analysis of key crown jewels, which are critical applications.

The assessment is a first step in using VCF Network Operations to help assess and analyze configurations, understand network inventory, view network traffic, identify opportunities for improvement, and determine potential efficiencies when deploying VMware NSX.

Figure 2. The new dashboard shows how deploying VMware NSX can help solve inefficiencies due to hair-pinning of traffic

Migration Performance Optimization (HCX 4.10)

The combined performance and scale enhancements in HCX 4.10 enable larger-scale migrations that take less time than in prior releases.

Customers can now migrate up to 1000 VMs concurrently and do so at improved velocity. (Velocity refers to the time to initialize 1000 concurrent migrations.) Previously, users could configure up to 600 VMs for concurrent migration and the time it took to complete the migration was longer. In addition, for migrations involving large data volumes, enhancements to the internal data querying mechanisms mean that large-scale migrations are now faster, with higher overall velocity than before.

The improvements validated by internal test reports are quantified below:

  • 65% higher migration concurrency scale
  • Time transfer for all VMs at maximum scale was reduced from several hours (5+ hours in some cases) to 40 minutes in HCX 4.10. This is a ~7.5X (or about 650%) improvement in the pre-transfer task orchestration efficiency.
  • Internal data volume handling efficiency was improved over 20X (~1900% improvement).

Configurable Transport Encryption During Migrations (HCX 4.10)

This feature enables higher per-flow performance by making transport encryption configurable (optional). Customers can choose either the high-performance mode or the existing security mode (default). In prior releases, the security (encrypted) mode was mandatory. Encryption inherently limits performance. For cases where transport encryption is not necessary (e.g. a private DC network), the Configurable Transport Encryption capability in HCX allows users to turn off encryption, enabling higher data plane performance. On average, a two-fold (108%) per-flow improvement is seen with configurable transport encryption based on internal test reports.

Unencrypted transports are optimized for higher Network Extension (NE) per-flow performance in fully private data center networks. Internal tests show an average 40% per-flow improvement across the NE appliance.

Improved Network Assurance and Verification (VCF Network Operations 6.13)

Network Assurance and Verification organizes the network into a topology with groups for better operations management and highlights areas affected by alerts for faster issue resolution. A large network map topology becomes difficult to manage because of its size. The 6.13 update provides optimized control capabilities for managing very large network maps, offering enhanced auto layout features based on selected network map scopes. Users can choose scope capabilities by entities, groups, or custom attributes and access this information easily through API requests. These capabilities allow users to view details like firewalls, vendors, locations, and names.

Figure 3. Network Assurance and Verification improvements make network visualization and troubleshooting easier; this includes customizing the scope from the entire network to a smaller subset of characteristics (e.g. location, name, and tags)

Easier Licensing (VCF Network Operations 6.13)

VCF core licensed deployments are supported with existing VMware Aria Operations for Networks Enterprise and VMware Aria Operations for Networks Universal environments. Customers with a VCF license will no longer have to add a separate license to the VMware Aria Operations for Networks platform. The existing VMware Aria Operations for Networks platform in 6.13 communicates with vCenter to validate VCF licensing. Read the release notes for more details. 

Enhanced Network Monitoring (NSX 4.2.0)

Network monitoring offers additional support for events, alarms, and other operational features. The VMware NSX API now includes new metrics for Network Datapath and Enhanced Datapath Host Switch counters. To improve uptime, the update also includes advanced logging and debugging capabilities in case of connection failures with BGP and Bidirectional Forwarding Detection (BFD) sessions.
