ESX Virtualization

VMware ESXi, vSphere, VMware Backup, Hyper-V... how-to, videos....

Nakivo Backup and Replication - #1 Backup solution for Virtual, physical, cloud, NAS and SaaS

Menu
  • Certification
      • VCP-DCV vSphere 8
          • vcp2024-125.
        • Close
    • Close
  • VMware
    • Configuration Maximums
    • vSphere
      • vSphere 8.0
      • vSphere 7.0
      • vSphere 6.7
      • vSphere 6.5
      • vSphere 6.0
      • Close
    • VMworld
      • VMware EXPLORE 2024
      • VMware EXPLORE 2023
      • VMware EXPLORE 2022
      • VMworld 2019
      • VMworld 2018
      • VMworld 2017
      • VMworld 2016
      • VMworld 2015
      • VMworld 2014
      • VMworld 2013
      • VMworld 2012
      • VMworld 2011
      • Close
    • Close
  • Microsoft
    • Windows Server 2012
    • Windows Server 2016
    • Windows Server 2019
    • Close
  • Categories
    • Tips – VMware, Microsoft and General IT tips and definitions, What is this?, How this works?
    • Server Virtualization – VMware ESXi, ESXi Free Hypervizor, VMware vSphere Server Virtualization, VMware Cloud and Datacenter Virtualization
    • Backup – Virtualization Backup Solutions, VMware vSphere Backup and ESXi backup solutions.
    • Desktop Virtualization – Desktop Virtualization, VMware Workstation, VMware Fusion, VMware Horizon View, tips and tutorials
    • How To – ESXi Tutorials, IT and virtualization tutorials, VMware ESXi 4.x, ESXi 5.x and VMware vSphere. VMware Workstation and other IT tutorials.
    • Free – Free virtualization utilities, ESXi Free, Monitoring and free backup utilities for ESXi and Hyper-V. Free IT tools.
    • Videos – VMware Virtualization Videos, VMware ESXi Videos, ESXi 4.x, ESXi 5.x tips and videos.
    • Home Lab
    • Reviews – Virtualization Software and reviews, Disaster and backup recovery software reviews. Virtual infrastructure monitoring software review.
    • Close
  • Partners
    • NAKIVO
    • StarWind
    • Zerto
    • Xorux
    • Close
  • This Web
    • News
    • ESXi Lab
    • About
    • Advertise
    • Archives
    • Disclaimer
    • PDFs and Books
    • Close
  • Free
  • Privacy policy

What’s New in VMware NSX For vSphere 6.1

By Vladan SEGET | Last Updated: March 17, 2015

Shares

NSX for vSphere 6.1 shall be available during VMworld or the week after VMworld US.  During the presentation which has been done by Brad Hedlund who works as an engineering architect at VMware, we had the chance to see all the features introduced and presented.

There is quite a few of them and it seems that VMware also going to come out with NSX for Multi hypervisor,  as well as OpenStack Integration.  Also interesting in this post – Micro Segmentation which allows to protect inside of the datacenter – is feature which is part of NSX for vSphere 6.1.

While the product's name announced is NSX for 6.1 one would think that vSphere 6.1 is already out. The reality is that the vSphere 6 (or 6.1) hasn't been announced yet and for now there is still the Public Beta of vSphere 6 where you can join, but you can't talk about what's in. The only info from the public beta that is out is the info about VVoLS. Virtual volumes (VVoLS) encapsulate virtual disks and other virtual machine files, and natively store the files on the storage system.

What's new in NSX for vSphere 6.1?

DHCP Relay

This is new feature which is new in NSX for vSphere 6.1 and allows integrating external DHCP servers in the physical world. There can be several DHCP servers which can be configured per logical router ports.

You can have distributed router where the kernel module in all the hypervisors which is providing the default gateway for the VMs, but also providing the routing from one logical switch to another right in the kernel or routing between logical switches and port groups.

It's possible to setup external DHCP servers to respond to DHCP requests from VMs which are attached to logical switches or distributed port group within NSX to which distributed router is attached to.

NSX for vSphere 6.1 - DHCP Relay How-it works

It's possible to define several DHCP servers.

Two Stage ECMP Support

Equal cost multi path routing support for distributed logical router and also for NSX edges. There is the distributed router, which can have multiple upstream NSX Edges to egress traffic from, and also in the upper layer the NSX edges can have multiple upstream physical routers with Equal cost multi path routing to egress traffic from as well as receive.

vSphere 6.1 and NSX - Two Stage ECMP support

Allows High availability and scale out.

L2 VPN: Enterprise Migration (NSX on both sides)

This feature is an enhancements to previous version of NSX where previously on one VLAN could be trunked. It can be used for migration of workflows between datacenters. You can trunk multiple VLANS of multiple VXLANs from one datacenter to the other.

VMware vSphere 6.1 and NSX - L2 VPN - migration of workflows between datacenters

This function brings similar functionality as Cisco OTV (Example here), which is providing is a “MAC in IP” technique for supporting Layer 2 Vans over any transport. The L2 VPN provides trunking L2 network from one side to another over L3 network encrypted by SSL VPN tunnel.

Another use case would be for example to extend an NSX datacenter to non-NSX datacenter. See image below… In this case the remote site is not running an NSX. You can extend the L2 network from the remote site where you can deploy an NSX Edge and provide the VLAN trunking, to extend the L2 networks from the remote site into an NSX deployment into the datacenter.

  • Both the sites could be NSX Free Edge

NSX for vSphere 6.1 Load Balancing Enhancements

The load balancer can be turned On on the NSX Edge. So you're able to have TCP as well as UDP load balancing.

NSX vSphere 6.1 load Balancing Enhancements

Just a few enhancements here.

F5 and NSX

VMware is partnering with F5 to inject the nextgen firewall in NSX deployments.

When customer wants to deploy load balancer for their application, they have the choice between the load balancer present in NSX and F5 load balancer.

NSX for vSphere 6.1 + F5 Palo Alto Networks

As concerning the deployment within vCenter, the admin will have the possibility to check a box to allow a service insertion, which would allow the F5 insertion.

Firewall Enhancements in NSX

  • Firewall Reject action (not only allow or deny)
  • Troubleshooting and Monitoring
  • Advanced filtering of rules ( you can filter to find rules)
  • CPU/Memory Thresholds (if CPU thresholds are reached, the admin will get notified)
  • IPFIX Support in DFW (distributed firewall)
  • Combined Edge and DFW Management (single management of rules for Distributed firewall, Edge or both)
  • Network Oriented service insercion (NetSec Partner Redirection)

NSX Multi Hypervisor 4.2

  • NSX Multi-Hypervisor is a minor release
  • controller HA/Hitless upgrade
  • DHCP Relay
  • OVS performance enhancements
  • Security profile scale enhancements
  • Scale Targets unchanged
  • Upgrade from any 4.1x release is supported
  • Hearbleed issue fixed in 4.2 release
  • GA in Q3 2014

Micro Segmentation

Apparently the micro segmentation is the feature that makes VMware to actually sell a lot of NSX, and clients are buying NSX to use that particular feature in their datacenters. Usually in traditional datacenters where a single firewall is protecting the whole datacenter – a problem can occur if someone break in. If does, then he(she) can do whatever he (she) want, because single firewall is protecting the environment.

Usuall datacenter has 2 firewalls but the number of VMs counts in hundreds (thousands)….

VMware NSX for vSphere 6.1 Micro Segmentation

That's why micro-segmentation (isolation) provides the best results. The firewall in VMs does not really help.

A physical firewall per workflow is not cost effective (too expensive)

Micro Segmentation challenges

The solution is to provide firewall services through the hypervisor's kernel module. Distributed firewall kernel module provides a protection to VMs so when VM is created, a firewall policy is attached to that VM. So if the VM is moved to another host, the policy follows.

If VM is deleted, the policy gets deleted as well. It's not VLAN centric security deployment but rather creating in security groups which can be static or dynamic. And VMs are attached to those groups. The policy is applied to the group. It simplifies the topology.

Achieving Micro Segmentation with NSX

It works through the identification of workflows, use attributes to create security groups and then apply policies to those security groups. Here is another screenshot to ilustrate.

VMware NSX for vSphere 6.1 configuration of policy with security groups

The micro segmentation provides better security inside of the datacenter.

Example 1:

Micro Segmentation Use Case 1

Example 2:

Segmentation between tenants

Networking is quite a complex topic. During VMworld the NSX team will provide many product demos and examples.

If you're not present at VMword San Francisco, you can still register for VMworld Barcelona.

Special Report:

  • VMware EVO:RAIL – New hyper-converged solution by VMware
  • What's New in VMware NSX For vSphere 6.1 (This post)
  • VMware OpenStack Integration
  • Infinio Accelerator v2.0 Announced with FC, iSCSI, FCoE, NFS and Enviromnents with Multiple Protocols
  • VMworld 2014 FlowGrab Beta Launching Centralized Workflow Repository
  • Fujitsu One Of the First OEM Partners Announcing VMware EVO: RAIL Integration
  • vRealize Cloud Management Platform, vCloud Suite 5.8, vCloud Air Object Storage…
  • DataDog Adds VMware vSphere Support
  • vMotion Enhancements in vSphere 6.0 – Long Distance vMotion, Across vSwitches and Across vCenters
  • VMworld 2014 US Keynotes Day1 and Day 2 Videos
  • Rapid-Cloning Technology (project Fargo) and copy-on-write architecture – Future of Desktop Virtualization 

Stay tuned via RSS or Twitter.

Shares
Vote !

| Filed Under: Server Virtualization Tagged With: VMware NSX For vSphere 6.1

About Vladan SEGET

This website is maintained by Vladan SEGET. Vladan is as an Independent consultant, professional blogger, vExpert x16, Veeam Vanguard x9, VCAP-DCA/DCD, ESX Virtualization site has started as a simple bookmarking site, but quickly found a large following of readers and subscribers.

Connect on: Facebook. Feel free to network via Twitter @vladan.

Private Sponsors

Featured

  • Thinking about HCI? G2, an independent tech solutions peer review platform, has published its Winter 2023 Reports on Hyperconverged Infrastructure (HCI) Solutions.
  • Zerto: One Platform for Disaster Recovery, Backup & Cloud Mobility: Try FREE Hands-On Labs Today!
Click to Become a Sponsor

Most Recent

  • FREE version of StarWind VSAN vs Trial of Full version
  • Commvault’s Innovations at RSA Conference 2025 San Francisco
  • VMware ESXi FREE is FREE again!
  • Installation of StarWind VSAN Plugin for vSphere
  • Protect Mixed environments with Nakivo Physical Machine recovery (bare metal)
  • No more FREE licenses of VMware vSphere for vExperts – What’s your options?
  • Tails – Your Private OS on USB Stick
  • StarWind V2V Converter Now has CLI
  • Veeam VHR ISO v2 – 2025 Download and Install
  • Deployment OVA and Installation of Nakivo Backup and Replication for VMware

Get new posts by email:

 

 

 

 

Support us on Ko-Fi

 

 

Buy Me a Coffee at ko-fi.com

Sponsors

Free Trials

  • DC Scope for VMware vSphere – optimization, capacity planning, and cost management. Download FREE Trial Here.
  • Augmented Inline Deduplication, Altaro VM Backup v9 For #VMware and #Hyper-V – Grab your copy now download TRIAL.

VMware Engineer Jobs

VMware Engineer Jobs

YouTube

…

Find us on Facebook

ESX Virtualization

…

Copyright © 2025 ·Dynamik-Gen · Genesis Framework · Log in