NSX Segments Design for vRealize Suite Components

vRealize Suite applications that are deployed on top of the management domain in VMware Cloud Foundation can use a pre-defined configuration of NSX segments, called application virtual networks (AVNs), for dynamic routing and load balancing.

NSX segments provide flexibility for workload placement by removing the dependence on traditional physical data center networks. This approach also improves security and mobility of the management applications, and reduces the integration effort with existing customer network.

Figure 1. NSX Segments for vRealize Suite

Table 1. Design Decisions on NSX Segments
Decision ID	Design Decision	Design Justification	Design Implication
VCF-VRS-NSX-SDN-001	Create one cross-instance NSX segment for the components of a vRealize Suite application that require mobility between VMware Cloud Foundation instances.	Enables potential support for workload mobility without a complex physical network configuration. The components of the vRealize Suite application must be easily portable between VMware Cloud Foundation instances without requiring reconfiguration.	Each NSX segment requires a unique IP address space.
VCF-VRS-NSX-SDN-002	Create one or more local-instance NSX segments for the components of a vRealize Suite application that are assigned to a specific VMware Cloud Foundation instance.	Enables workload mobility within a VMware Cloud Foundation instance without a complex physical network configuration.	Each NSX segment requires a unique IP address space.

With NSX Federation, an NSX segment can span multiple instances of NSX-T Data Center and VMware Cloud Foundation. A single network segment can be available in different physical locations over the NSX SDN. In an environment with multiple VMware Cloud Foundation instances, the cross-instance NSX network in the management domain is extended between the first two instances. This configuration provides IP mobility for management components which fail over from the first to the second instance.

Table 2. Design Decisions on NSX Segments for Multiple VMware Cloud Foundation Instances
Decision ID	Design Decision	Design Justification	Design Implication
VCF-VRS-NSX-SDN-003	Extend the cross-instance NSX segment to the second VMware Cloud Foundation instance.	Enables workload mobility without a complex physical network configuration. The components of a vRealize Suite application must be easily portable between VMware Cloud Foundation instances without requiring reconfiguration.	Each NSX segment requires a unique IP address space.
VCF-VRS-NSX-SDN-004	In each VMware Cloud Foundation instance, create additional local-instance NSX segments.	Enables workload mobility within a VMware Cloud Foundation instance without complex physical network configuration. Each VMware Cloud Foundation instance should have network segments to support workloads which are isolated to that VMware Cloud Foundation instance.	Each NSX segment requires a unique IP address space.
VCF-VRS-NSX-SDN-005	In each VMware Cloud Foundation instance, connect or migrate the local-instance NSX segments to the corresponding local-instance Tier-1 gateway.	Configures local-instance NSX segments at required sites only.	Requires an individual Tier-1 gateway for local-instance segments.