VMware NSX-T Data Center for Intrinsic Security [V3.1]

  • Private Community
  • Private Community
 View Only

  • 1.  Module 9 - Slide 25 - North - South Packet FLow

    Posted Nov 18, 2021 11:11 PM

    Hello everyone..

    Have a class coming up for this course and I am wondering where does the SR/DR sit in this flow??

     

    My guess is this - Please let me know if I am wrong..

    The traffic comes in and hits the SR first - It does any thing it needs - NAT, FW, ETC..

    After the SR (maybe within the SR) the SI Classifier is checked - if we redirect - we redirect to he SVM over the Untrusted Segment.

    IF traffic is allowed - the flow is sent over the Trusted-Segment.

    Then it hits the DR component of the Edge..

     

    Again I am totally assuming this..  Anyone have any material on this???

     

    Thanks all.  Have a good one.



  • 2.  RE: Module 9 - Slide 25 - North - South Packet FLow

    Broadcom Employee
    Posted Nov 18, 2021 11:42 PM

    The SI classifier sits alongside the FW Rule Classifier. Everything happens in the context of the SR. The DR is not involved.



  • 3.  RE: Module 9 - Slide 25 - North - South Packet FLow

    Posted Nov 19, 2021 12:02 AM

    Got yah,

    Thanks John..

    That makes sense - It is all done prior to the DR getting it, or the DR is done with it (South to North).

     

    Ok have a good one.