NSX-ALB

HomeLab 2022: VCF, NSX, SD-WAN, AWS

August 30, 2022

HomeLab 2022: VCF, NSX, SD-WAN, AWS

Architecture and Hardware Refresh

I get asked about my homelab quite a bit, so this post details the recent architecture and hardware changes to my homelab. As with most labs, this one is an ever-changing beast… not to mention great way to spend that hard earned cash! In this revision you will see a major shift in the way VCF, NSX, SD-WAN, AWS is used.

Lab Architecture

The diagram below is a representation of the labs current architecture, the last lab revision included a lot of nested routers. Recently, I scrapped all the virtualized routers and replaced them with physical top of rac

AWS NSX network veeam

Summary of the lab (top down).

  • Two WAN connections, one is a dedicated backup link and also used for remote access. The other is the primary link, connectivity is provided with VMware SD-WAN.
  • The core router / firewall is a Juniper SRX550. This peers with both the VPN gateway and the SD-WAN edge, using OSPF and BGP, respectively.
  • The SRX550 has two VRF’s, one for each VCF region and links and routing protocols are configured accordingly.
  • The top of rack switches are Brocade ICX6610 48P’s, also configured with the VRFs, interfaces, BGP, and VRRP for gateway redundancy.
  • Two physical VCF Regions (Bill of Materials is below). With the VRF’s, I have simluated two datacenters and have configured connectivity with NSX Federation, and NSX-ALB Global Server Loadbalancing (GSLB)
  • There is shared storage between the two VCF Regions, this is provided with a NAS.
  • The connection from the Data Center to AWS is provided with VMware SD-WAN, this is configured in a branch-hub topology.
  • The NAS is used as the primary backup target, critical data is also replicated to AWS S3 using Veeam (backup architecture detailed later).

Bill of Materials

VCF Region 1

  • Fujitsu Primergy RX2540 M1 E5-2640v3 x2 / 256GB RAM / 3TB Flash Storage X2
  • Dell R730 E5-2360v3 x2 / 256GB RAM / 3TB Flash Storage
  • Dell R720 E5-2620 v2 / 256GB RAM / 3TB Flash Storage

VCF Region 2

  • Dell R730XD E5-2640 v3 / 256GB RAM / 3TB Flash Storage
  • Dell R630 E5-2630 v3 / 256GB RAM / 3TB Flash Storage X2
  • Dell R630 E5-2697 v3 / 256GB RAM / 3TB Flash Storage

Networking

  • Sophos XG 430 – VPN Gateway
  • VMware SD-WAN Edge 510
  • Juniper SRX550 – Firewall / Core Router
  • Brocade ICX 6610 48P – top of rack switching
  • Host uplinks to switching is all 10GB

Shared Storage

This is a BareMetal install of TrueNAS.

  • 6 x 6TB WD reds
  • SSD Caching drive
  • 10GB networking

Virtual Environment

Each region has the following deployed.

  • SDDC Manager
  • vCenter
  • VMware NSX (Local Managers)
  • VMware NSX (Global Managers
  • NSX Advanced Load Balancer (NSX ALB) Controllers
  • NSX ALB Service Engines
  • vRealize – Log Inisght, Network Insight, Operations Manager
  • vRealize Automation (Region 1 only)
  • vRealize Lifecycle Manager (Region 1 only)
  • Infoblox (Region 1 only)
  • Microsoft AD (Region 1 only)
  • Veeam (Region 1 only)

If I ever need to test something that is not going to be permanent, I use nested environments in either region. This ensure I do not disrupt the underlaying infrastructure.

Backup Strategy

 

  • How to build a website with WordPress and what are the best plugins to use: Building a website with WordPress is an excellent choice due to its versatility, ease of use, and a vast array of plugins that enhance functionality. Here’s a comprehensive guide to building a WordPress website, along with recommendations for the best plugins.
  • What does this property buzzword mean and how does it actually work? Gearing simply means borrowing money to buy an asset. Negative gearing can be a tax strategy used by investors and describes when the income (ie, the rent) made from an investment is less than the expenses it incurs, meaning it’s making a loss.
  • How to Sell Your Ecommerce Business for the Best Value: Selling an ecommerce business can be a very profitable move. You can use the proceeds to invest in other projects, launch new ecommerce business websites, or even retire. For some startups, selling the business is the end goal. Whether you have a dropshipping website, sell with Amazon FBA, or own a large-scale ecommerce business, there’s an opportunity for you to sell.
  • Comprehensive Guide to WordPress Website Development: Developing a WordPress website is a sequential process that requires careful planning, thoughtful execution, and consistent maintenance to ensure it meets the needs of users and achieves its intended goals. This involves a series of clearly defined stages, including planning, designing, content creation, optimisation, and ongoing maintenance.
  • Top 10 High-Paying Jobs AI Won’t Replace in 2025: Artificial Intelligence (AI) is revolutionizing industries, automating repetitive tasks, and reshaping the global workforce. Despite its remarkable advancements, certain professions remain beyond AI’s capabilities due to their reliance on uniquely human traits like creativity, empathy, and critical thinking. This case study explores the 10 highest-paying, fastest-growing jobs in 2025 that AI won’t replace, delving into why these roles are indispensable and how they are evolving in an AI-driven world.
  • Spill Your Guts: What To Wear To Olivia Rodrigo’s Australian Tour: Never afraid of screaming out all the dark, embarrassing things we’ve all thought before, Rodrigo sings about comparing herself to her boyfriend’s ex-girlfriend. If you want an edgy outfit that mimics the music…
  • Top Social Media Plugins for WordPress to Increase Your Sites Reach and Engagement: If you are seeking to enhance your website’s reach and engagement on social media, you have come to the right place. In this article, we will delve into the premier social media plugins tailored for WordPress users. From Social Warfare to Jetpack, these plugins can facilitate seamless sharing of your content across diverse social platforms.Furthermore, we will provide recommendations to optimize your website’s visibility on social media. Keep an eye out for valuable insights!
  • How to Change PuTTY’s Appearance: PuTTY is a widely-used SSH and telnet client for Windows and Linux hosting. While its default appearance is functional, you can customise it to improve aesthetics and usability. Below are the steps to modify PuTTY’s appearance, including changing the font, window size, colours, and cursor options.
  • What programming languages does vBulletin use?: vBulletin was orginally written in perl and used a flat file database system. However, as sites grew they notice that sites could not cope with a large amounts of traffic. This problem has now been fully rectified when vBulletin was converted to php and a mysql database system.

 

The diagram below depicts the backup workflow configured in the lab.

AWS NSX network veeam
  • Network devices (switches, routers, etc) have their configuration pulled by Oxidized. A cron job on Oxidized runs at a scheduled interval that copies the files to a file share on the NAS.
  • The Oxidized VM is backed up by Veeam, this backup is stored on the NAS
  • vSphere VMs are backed up by Veeam and are stored on the NAS. Critical VMs (AD etc) are also marked for secondary storage, these are replicated to AWS S3.
  • Other critical files, such as those on the file share, are also marked for secondary storage, and replicated to AWS S3.
  • Infrastructure VMs (vCenter, NSX, SDDC Manager, etc) are backed up using SFTP to the scale-out branch tier, as well as the file share on the NAS.

All the content I publish is created utilizing this lab.

NSX

VCF

YouTube

Similar Posts