VMware NSX-T Data Center for Intrinsic Security [V3.1]

Hi all..

Can anyone provide some more info about this topic.. 

For example.

Where is the Service Proxy located?

Now the local segment is encaping in Geneve - How are these TEPS assigned? What are their value?? John mentions (TTT) that there is a field in the Geneve frame that is being modified - Which field and what value is being modified?

Thanks all,  Have a good one.

The Service Proxy, as the slide shows, sits between the SVM and the vSwitch. The TEPs in the SVMs are handled by the partner solution.

The TLV is being modified to include NSH so the SVM knows where to forward the packet to the next hop in the service chain.

Thanks John..

The SVM TEP - portion makes sense..

I found this after your post about Service redirection..

https://www.ietf.org/archive/id/draft-fourie-nvo3-nsh-geneve-encap-00.txt

But what about the Proxy - going to assume NSX assigned that TEP?   How can we view this??  What Address range does it use???

IS there any VMware doc's / PPT doing a bit more of a deep dive here that you can share???

Thanks again bud-  Have a good one.

If there's any other documentation, I haven't seen it. I have no idea about the SP and how it's configured. I don't have any partner solutions to tie in to look for myself, so I can't answer anything more about that.

From a practical perspective, I think the SP and local circuit information are much like the SPI information - nice to know and pass along, but nothing an administrator has any influence over. Don't get too hung up on those things. 

Got yah John..

Maybe as time moves on, we will get more info on this..

For now I guess we can just chalk it up to internal communications..

I was hoping to see some labs on HOL but nothing as of yet.

Thanks again for your support and have a good one..