NSX Controller handles following Control Plane:
- Layer 2 Control Plane for Logical switches & Distributed Logical router control VM.
- L3 Control Plane
For L2 Control Plane, NSX Controller has principal copy of these three table per logical switch which are mentioned below:
VTEP Table: Table which list all VTEP information which has at least one VM connected to logical switch. Rule: One VTEP table per logical switch
MAC Table: It contains the MAC address of VMs connected to logical switches and also contain MAC address of physical end system in same Broadcast domain.
ARP Table: It contains the ARP entries of VMs connected to logical switches and also contain ARP entries of physical end system in same Broadcast domain.
For Layer 3 NSX controller contains routing table for each distributed logical router, NSX controller also has the list of all hosts running a copy of each distributed logical router.
Deploying NSX Controller:
It is the Virtual appliance which is deployed with the help of NSX Manager. It must be deployed in same vCenter on which NSX manager is associated.
For redundancy, there should be three NSX Controller per standalone NSX manager.
NSX Controller can be deployed in separate ESXi, when following condition is met:
- There must be IP connectivity between NSX controller and NSX manager over TCP 443
- All three NSX Controller must have IP connectivity to each other over TCP 443
- Each NSX Controller must have IP connectivity with VMKernal of each ESXi host over port 1234.
As soon as NSX Controller is deployed, they form the cluster automatically, As soon as First NSX Controller has been deployed, it will join the NSX controller Cluster by itself and as soon as other NSX controller is deployed, they will join the same NSX Cluster.
Prerequisite for NSX Controller:
- 4 vCPUs
- 4 GB vRAM with 2 GB reservation
- 20 GB HDD
- VM hardware Version 10
NSX Controller Master & Recovery:
L2 & L3 Control plane are shared among all NSX Controller. Now in order to determine, which portion of L2/L3 control Plane each NSX Controller will handle, NSX Controller cluster will elect the API provider and L2/L3 NSX Controller master.
API Provider: This API Provider master will receives the internal NSX API calls from NSX manager.
L2 NSX master: This Master will assigns the L2 control plane responsibility per logical switch basis to each NSX controller in the cluster and master is also included in it.
L3 NSX Master: This Master will assigns the L3 control plane responsibility per logical router basis to each NSX controller in the cluster and master is also included in it.
This feature of assigning responsibility to handle the portion of L2 and L3 control plane among NSX controller cluster is called as Slicing. And once this responsibilities is distributed among NSX controller Cluster , the Master will inform this distribution list to each NSX controller , so that each NSX Controller in cluster knows that what other NSX Controller are responsible for so that one will act as Master and other two will serve as backups.
If any NSX Controller goes down or stops responding, than NSX L2 & L3 Controller master will distribute or split the responsibility of failed NSX controller (Logical switches and logical distributed router) to working and live NSX Controller.
If the NSX Master fails than the new NSX master will be elected left ones and the newly elected NSX master will start recovering control plane of affected logical switches or logical distributed router.