VMware Cloud Director NSX-V to NSX-T Migration Support Matrix

In today’s rapidly evolving IT landscape, Cloud Service Providers need to ensure that their customers have access to the latest and most advanced networking and security features. VMware Cloud Director (VCD) allows customers to build secure private clouds, dramatically increasing data center efficiency and business agility.

Combined with VMware NSX (previously NSX-T Data Center or NSX-T), VMware’s software-defined networking platform, the result is a powerful solution for service providers and enterprises to support the growing number of distributed applications being run on heterogenous endpoints, VMs, containers, and bare metal across DC, Cloud, and Edge.

Why should we migrate VMware Cloud Director to VMware NSX (NSX-T)?

As per the current latest version (10.4.2), VCD still supports two options for network virtualization: NSX Data Center for vSphere (NSX-V) and VMware NSX (formally known as NSX-T Data Center or NSX-T). However, NSX-V reached its End of General Support (EoGS) is January 16, 2022, and technical guidance on January 16, 2023. Therefore organizations must take proactive steps to mitigate security risks, maintain compliance, and continue to leverage the benefits of network virtualization.

The migration process can be complex and should be planned and executed carefully to minimize disruption and ensure a successful transition. Recently, VMware has released version 1.4.2 of the VMware NSX Migration for VMware Cloud Director tool, enhancing the support of VCD networking features and allowing V2T migrations with minimal downtime.

VCD V2T Features and Migration Matrix

To help Cloud Service Providers plan for a smooth transition, this short blog provides information on the current VCD NSX Features Support Matrix and those that can be auto-migrated using the latest NSX Migration for VCD tool (1.4.2).

Feature NSX Data Center for vSphere (NSX-V) VMware NSX (NSX-T) NSX Migration for VCD tool
Overlay network backing VXLAN GENEVE Yes
Distributed Routing Yes Yes Yes
Non-Distributed Routing Yes Yes (10.3.2) Yes
External Network Port groups; Logical Switches (virtual wires) Port groups; NSX Segments; Connection to external networks from Edge GW (10.4.1) Yes
Provider Gateway Not Applicable (N/A) T0/VRF for Edge GW egress Yes
Routed Network with NAT Yes Yes Yes
Routed Network no NAT Yes Advertisement of routed network requires dedicated Provider GW or IP Spaces. Yes
Isolated Network Yes Yes Yes
Direct Network Yes Yes Yes
Imported Network Unsupported Yes N/A
Shared Network Yes With Data Center Groups for non-directly connected Org VDC networks Yes
IPv6 Network Yes Yes Yes
Dual Stack (IPv4/IPv6 on same vNIC) Yes Yes Yes
Org VDC Edge GW ESG Tier-1 Gateway Yes
IP address sub-allocation Provider managed Provider managed or self-service with IP Spaces Yes
Edge Firewall Yes Yes Yes
NAT (NAT44) Yes Yes Yes
NAT64 Yes Unsupported N/A
DHCP Yes Yes Yes
DHCPv6 Unsupported Yes N/A
DNS Forwarding Yes Yes Yes
BGP IPv4 Yes The Provider GW must be private to an organization or dedicated to Tenant’s Edge GW. Yes
BGP IPv6 Unsupported Yes N/A
OSPF Yes Unsupported N/A
VRF Lite Unsupported Yes Yes
Static Routes Yes Static routes only on Tier-1 GW, but not on Tier-0/VRF (10.4) Yes
Policy-Based IPsec VPN Yes Yes Yes
Route-Based IPsec VPN Yes Unsupported N/A
L2 VPN Yes Yes (10.3) NSX-T L2VPN is not backwards compatible with NSX-V L2VPN. The configuration of all L2VPN endpoints must be migrated manually.
SSL VPN Yes Unsupported by NSX-T. SSL VPN alternatives can be deployed, and the configuration migrated manually. Please check the VMware Cloud Director Remote Access VPN Integration Guide. N/A
Load Balancing Yes Requires NSX Advanced Loadbalancer (Avi) Yes
IPv6 Load Balancing Yes Requires NSX Advanced Loadbalancer (Avi) (10.4) Yes
Edge logging and CLI Yes NSX-T Edge node is shared. CLI is not available. Centralized logging with possible filtering. No tenant-dedicated logging. N/A
Edge HA Yes (Optional Active/Standby) Yes Yes
vApp Edge (routing, NAT, firewall) Yes Yes (10.3)
Routed vApps cannot be connected to VLAN-backed Org VDC network
Yes
vApp Edge Fencing Yes Unsupported N/A
Distributed Firewall (L3/L4 and L7) Yes Requires VCD Data Center Group Yes
Distributed Firewall (L2) Yes Unsupported N/A
Cross VDC Networking (same VCD) Yes Requires VCD Data Center Group; single egress only Unsupported
Cross VDC Network (different VCDs) Yes Unsupported N/A
Edge placement Yes (via API) Edge Cluster granularity and via failure domains in NSX-T Yes
Edge gateway rate limiting Yes (external network granularity) At the Edge GW level (10.3.2).
NSX-T Gateway Ingress/Egress QoC Profiles
Yes
External network metering Yes Yes with Aria Operations N/A
Segment Profile Unsupported Yes N/A

Are you interested in learning more about NSX Migration for VCD tool and process? Do you need to perform a VCD NSX migration? Beneath are some reference resources to help you throughout the transition.

Docs and Blogs

Webinar Series

  • Close the Technical NSX V to NSX T Skills Gap
    • Part 1 Series: Modernize Your NSX Environment (3 Episodes, Level 100-300) Watch now on-demand
    • Part 2 Series: Migrating Complex NSX-v Architectures  (4 Episodes Level 300-400). Register for July 11-19 Series AMER/EMEA  or  APJ

Demos:

Conclusion

While VMware NSX Data Center for vSphere (6.4.x) continues to function past its EoGS date, bug fixes and security patches for the specific version are discontinued. This can expose the infrastructure to vulnerabilities, making it crucial for organizations to plan and execute an NSX-V to NSX-T transition for VMware Cloud Director environments.

In addition, migrating to NSX-T will maintain a strong integration to your VMware Cloud Director platform while enabling greater business agility, cloud scalability, and network performance by supporting modern distributed apps with a complete networking and security stack.

Use the vcd-v2t-assist channel in the VMware Cloud Provider Slack workspace for further questions or to provide your V2T migration experience and feedback. Additionally, the following FAQ answers common questions concerning the VMware NSX Migration for VMware Cloud Director.

Source