A transport zone is used to define the scope of a VXLAN overlay network and can span one or more clusters within one vCenter Server domain. One or more transport zones can be configured in an NSX for vSphere solution. A transport zone is not meant to delineate a security boundary.

Note:

The transport zone decisions are included to facilitate easy expansion to a dual-region design that includes failover and recovery.

Table 1. Transport Zones Design Decisions

Decision ID

Design Decision

Design Justification

Design Implications

SDDC-VI-SDN-012

For the compute stack, use a universal transport zone that encompasses all shared edge and compute, and compute clusters from all regions for workloads that require mobility between regions.

A Universal Transport zone supports extending networks and security policies across regions. This allows seamless migration of applications across regions.

You can pair up to eight NSX Manager instances. If the solution grows past eight NSX Manager instances, you must deploy a new primary manager and new transport zone.

SDDC-VI-SDN-013

For the compute stack, use a global transport zone in each region that encompasses all shared edge and compute, and compute clusters .

NSX Managers with a role of Secondary can not deploy Universal objects. To allow all regions to deploy on demand network objects a global transport zone is required.

Shared Edge and Compute, and Compute Pods have two transport zones.

SDDC-VI-SDN-014

For the management stack, use a single universal transport zone that encompasses all management clusters.

A single Universal Transport zone supports extending networks and security policies across regions. This allows seamless migration of the management applications across regions.

You must consider that you can pair up to eight NSX Manager instances. If the solution grows past eight NSX Manager instances, you must deploy a new primary manager and new transport zone.