Monday, February 24, 2014

VMware vShiled Manager - VXLAN limit

We all know that all technologies has some limits. Only important thing is to know about particular limits limiting your solution.

Do you know VMware vShield Manager has limit for number of virtual networks?

There is the limit 5,000 networks even you use VXLAN network virtualization. So even VXLAN can have theoretically up to 16M segments (24-bit segment ID) you are effectively limited to 5,000 which is not significantly more then old VLAN ID limit of 4,096 (12-bit segment ID).

The most strange thing is that this limit is not documented on vSphere Configuration Maximums. There are documented only following network limits:
  • Static/Dynamic port groups per distributed switch = 6,500
  • Ports per distributed switch = 60,000
  • vCloud Director "Number of networks" = 10,000
Thanks Tom Fojta for this information and link to VMware KB 2042799.

On top of that the current VMware VXLAN implementation provide VXLAN based network overlay only in single vCenter domain so it will not help you with network tunnel for DR (VMware SRM) use case where two vCenters are required.   

So only two benefits of current VMware VXLAN implementation I see today are:
  • software defined network segments in single vCenter domain allowing automation of VXLAN provisioning. Nice blog about it is here.
  • split between physical networking segments (system VLANs, internet VLANs, MPLS VLANs, ...) and multi-tenant virtual network segments used for tenant's private use.
To be honest even those two benefits are very useful and limits will increase year by year as technology evolves and matures. That's usual technology behavior.

1 comment:

David Pasek said...

Tom Fojta ‏@fojta wrote in Twitter: it is not vSphere limit: NSX max is 10000