There are two options for managing NSX across multiple locations.

Table 1. Comparison of Multisite and NSX Federation
Multisite NSX Federation
Availability NSX 2.3 NSX 3.0
Environments Two locations in metropolitan regions (<10 ms across locations) with stretched VLAN Other use cases
Number of NSX Manager clusters 1 1 per location
Network Services

All features supported:

  • Switching (Overlay and VLAN)
  • IPAM (DHCP and DNS)
  • Routing (VRF, EVPN, NAT and route redistribution)
  • Layer4+ services (Load Balancing, VPN)

All features supported from GM:

  • Switching (Overlay and VLAN)
  • IPAM (DHCP Relay and static binding, and DNS)
  • L2-Bridge (Starting in NSX 4.0.1.1)
  • Routing (NAT and route redistribution)
  • Routing protocols (BGP, Static)

Exceptions:

  • T0-VRF
  • DHCP dynamic binding
  • Routing protocols (OSPF)
  • Routing VPN and EVPN
  • Load Balancing
Security Services

All features supported:

  • Distributed Firewall
  • Gateway Firewall
  • FQDN Filtering
  • L7 App ID context support
  • Identity Firewall
  • Distributed IDS
  • Malware Prevention
  • Network Introspection
  • Endpoint Protection
  • Time-Based Firewall

All features supported from GM:

  • Distributed Firewall
  • Gateway Firewall
  • FQDN Filtering
  • L7 App ID context support
  • Time-Based Firewall (Starting in NSX 4.0.1.1)

Exceptions:

  • Identity Firewall
  • Distributed IDS
  • Malware Prevention
  • Network Introspection and Endpoint Protection
  • Time-Based Firewall (Prior to NSX 3.2.2 and 4.0.0.1)
High-Availability for Management Plane

NSX Manager VMs recovery

NSX GM and LM VMs recovery with SRM.

High-Availability for Compute VMs

Compute VMs recovery

Compute VMs recovery

  • With SRM from NSX with one limitation: Distributed Firewall on Workload VMs cannot be based on NSX tags.
  • With SRM from NSX without any limitations.

Also see the NSX-T Data Center Multi-location Design Guide and VMware Site Recovery Manager.