To understand NSX better, we will break into its subcomponents and understand each one of the components that together make NSX. Following image shows the NXS components:
Major components of NSX are as follows:
- NSX manager: NSX manager is a virtual appliance and can be installed on any ESXi host in the virtual environment managed by vCenter Server. NSX manager is the centralized management console for NSX and gives a unified collated description of the whole network. Note that NSX is no replacement for standard or distributed virtual switches, it is more of a capability extension for them. NSX makes use ofVirtual Extensible LAN (VXLAN ) to span layer 2 segments inside tunnels between ESXi hosts, without using multiple stretched VLANs.
- NSX vSwitch: As the name suggests, this is the virtual switch component of NSX and it bridges the gap between the virtual servers and the actual physical network hardware, allowing communication to take place smoothly.
- NSX Controller: NSX controller is the central control plane for the network topologies in the data center. Major part of NSX controller’s tasks involves controlling NSX virtual switches and keeping a database of information pertaining to all virtual machines, hosts, logical switches, and VXLANs.
- NSX Edge Gateway: NSX Edge Gateway is responsible for bringing security and gateway services to the NSX tool, which helps to control and isolate the network from outside network. It is sort of creating a private restricted network. NSX Edge can be used as a distributed/logical router or as a services gateway. When installed as a logical router, it allows NSX to have east-west distributed routing capabilities. In case NSX edge is being used as a services gateway, it is used to connect isolated networks to uplink networks by giving them common gateway services such as DHCP, NAT, VPN, and so on. Also, hosts not integrated in the virtual infrastructure can use NSX services by using the NSX Edge Gateway as their gateway.
- NSX Distributed Firewall: NSX comes bundled with a kernel embedded firewall, which enables NSX to have more control over network performance and traffic flow. Security policies can be created for this firewall using vCenter Server for data centers, clusters, hosts, and so on. This firewall is very efficient as it adjusts its own resource utilization and capacity depending on the hosts it needs to monitor. It also adjusts the sizing whenever a new host is added or an existing host is turned off on purpose.