These are some of the useful numbers I’ve collated as I’ve been doing the study guide. I’m happy to add more if anyone thinks I’ve missed some important ones.
Prerequisites
VMware vCenter Server 5.5 or later
VMware ESX 5.0 or later for each server
VMware Tools – For vShield Endpoint and NSX Data Security, you must upgrade your virtual machines to hardware version 7 or 8 and install VMware Tools 8.6.0 released with ESXi 5.0 Patch 3.
MTU minimum 1550, 1600 recommended
vHardware Minimums
NSX Manager | NSX Controller | Edge Compact | Edge Large | Edge Quad Large | Edge X-Large | vShield Endpoint | NSX Data Security | |
vCPU | 4 | 4 | 1 | 2 | 4 | 6 | 2 | 1 |
vMEM | 12Gb | 4Gb | 512Mb | 1Gb | 1Gb | 8Gb | 1Gb | 512Mb |
vDISK | 60Gb | 20Gb | 512Mb | 512Mb | 512Mb | 4.5Gb (4Gb swap) |
4Gb | 6Gb |
Maximums
DHCP Pools – 20,000
Segment IDs (VNI) – 10,000
Audit Logs – 1,000,000
TCP Ports
443 between the ESXi hosts, vCenter Server, and NSX Manager.
443 between the REST client and NSX Manager.
TCP 902 and 903 between the vSphere Web Client and ESXi hosts.
TCP 80 and 443 to access the NSX Manager management user interface and initialize the vSphere and NSX Manager connection.
TCP 22 for CLI troubleshooting.
vSphere Scalability
1000 Hosts
10000 VMs
10000 Port groups
60,000 virtual ports
Logical Router
up to 1000 interfaces
up to 8 uplinks
1200 DLR instances total
100 DLR instances per ESXi host
Edge
HA default heartbeat failover interval 15 seconds (5x 3 seconds), can be reduced to 6 seconds minimum.
HA heartbeat minimum frequency = 1 second
NSX Manager
1 NSX to 1 vCenter
Backup Frequency – Hourly/Daily/Weekly
NSX Controllers
3 minimum, must be an odd number
VXLAN
VNI – 24bit number – 16M VXLAN networks
MTU 1600 bytes to support VXLAN with IPv4 and IPv6 traffic
Allows for:
50 bytes overhead for VXLAN encapsulation
54 bytes overhead if VLAN tagging is used
Uses UDP port 8472 as a transport protocol
LACP
64 LAGs per host
64 LAGs per distributed switch
802.1Q – VLAN tagging
4096 VLANs maximum
VPN
IPsec VPN – maximum of 64 tunnels across maximum of 10 sites
SSL VPN – up to 25 users
Hi Rich, excellent work! hoping to spend some time on NSX in the new year.
Thanks, hope it’s useful to you!
Wow! Thank you for posting this!
Cheers! 🙂
This is exactly what I was looking for…Thank you Rick for sharing an excellent blog and study guide!
You’re welcome, good luck!
I cannot find any documentation to reference the Edge HA heartbeats. Do you have the reference? All other sources seems to indicated for a 15 s deadtime, the frequency is 3 secs instead of 5 secs.
HA default heartbeat failover interval 15 seconds (3x 5 seconds), can be reduced to 6 seconds minimum (3x 2 seconds)
HA heartbeat frequency = 1 second
It’s a long time ago, but I suspect I was going on what I was told on a course.
Default output from the Edge CLI command “show service highavailability” shows:
Unit Poll Policy:
Frequency: 3 seconds
Deadtime: 15 seconds
I don’t have access to an NSX environment at the moment to test the effects on the frequency of changing the dead time unfortunately.
Yes, the default dead time is 15sec (can be set as low as 6 seconds) and the freq 3 sec.
https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2126560
Also, just fyi b/c I dont think it will be on the test but changes in 6.2.3 for reference
“New VXLAN Port 4789 in NSX 6.2.3 and later: Before version 6.2.3, the default VXLAN UDP port number was 8472. See the NSX Upgrade Guide for details” Also some changes in DHCP sizes for Edge
http://pubs.vmware.com/Release_Notes/en/nsx/6.2.3/releasenotes_nsx_vsphere_623.html