NSX-T

Question 1

What is a virtual switch?

Answer 1

a piece of software that emulates a physical Layer 2 networking device; allows to interconnect virtual machines in the same fashion as physical devices

Question 2

How does a virtual switch provide physical network connectivity?

Answer 2

by mapping uplink ports to the physical network interface cards (NICs) of the host

Question 3

What does it mean that VMware vSphere implements a single-tier virtual switch network topology?

Answer 3

there is no way to directly interconnect multiple virtual switches

Question 4

What are the two virtual switches supported by vSphere?

Answer 4

• vSphere Standard Switch (VSS)
• vSphere Distributed Switch (VDS)

Question 5

What is VSS?

Answer 5

localized, resides within a single host

Question 6

What is vSphere Distributed Switch (VDS)?

Answer 6

more robust capabilities that span across multiple hypervisor hosts

Question 7

How does VSS implement data plane and management plane?

Answer 7

• contains both management and data planes in a single package
• must configure and maintain each vSS instance individually

Question 8

What defines how virtual machine connections are made through the vSS to the physical network?

Answer 8

a port group

Question 9

What if a port group has no physical NICs configured?

Answer 9

virtual machines can only communicate with each other but do not have connectivity to the external network

Question 10

How does VDS behave?

Answer 10

like a single switch across all associated hypervisor hosts in a data center

Question 10

How does VDS implement data plane and management plane?

Answer 10

• has separate management and data planes
• vCenter provides the management-plane functionality, and the data plane remains local to each hypervisor host via a host proxy switch that is associated to the vDS

Question 11

In which environments is VDS most useful?

Answer 11

environments that use advanced features like vMotion because a virtual machine is able to access its assigned distributed port group on each hypervisor host associated to the VDS

Question 12

What are the supported NIC load balancing mechanisms?

Answer 12

• Route Based on Originating Virtual Port
• Route Based on IP Hash
• Route Based on Physical NIC Load

Question 13

How does Route Based on Originating Virtual Port load balancing mechanism work?

Answer 13

• selects an uplink based on the virtual machine port ID
• no specific upstream switch configurations needed
• virtual guest throughput is limited to the speed of the selected uplink

Question 14

How does Route Based on IP Hash load balancing mechanism work?

Answer 14

• selects an uplink based on the source and destination IP address of each packet
• requires the physical switches to be configured with active or passive Etherchannel
• virtual guest flows are load-shared across all associated uplinks

Question 15

How does Route Based on Physical NIC Load load balancing mechanism work?

Answer 15

• starts using the default route based on originating virtual port
• moves to a virtual port when an uplink port reaches 75% utilization over a 30 sec period
• no specific upstream switch configurations needed
• requires vSphere Enterprise Plus

Question 16

What is the defaul load balancing mechanism?

Answer 16

Route Based on Originating Virtual Port

Question 17

What are the different vNICs that vSphere support?

Answer 17

• E1000 and E1000E
• VMXNET3

Question 18

Describe E1000 and E1000E

Answer 18

• virtual Ethernet adapters that emulate Intel 82545EM or 82574 network adapters
• require additional CPU cycles to process all guest virtual-machine network traffic

Question 19

Describe VMXNET3

Answer 19

• a para-virtualized device created by VMware
• no emulated hardware - optimized for performance
• functions like a 10G NIC

Question 20

How does Single Root I/O Virtualization (SR-IOV) work?

Answer 20

• enables a device, such as a network adapter, to appear as multiple independent physical devices to the hypervisor or the guest virtual machine’s operating system
• exchanges data directly with the physical adapter, bypassing the VMkernel

Question 21

Which environment does Single Root I/O Virtualization (SR-IOV) fit the best?

Answer 21

workloads with very high packet rates or low latency requirements

Question 22

What are the compatibility constraints of Single Root I/O Virtualization (SR-IOV)?

Answer 22

not compatible with several vSphere virtualization features such as vMotion, HA, and DRS

Question 23

What are the methods of using VLAN tagging in vSphere?

Answer 23

1. external switch tagging (EST)
2. virtual switch tagging (VST)
3. virtual guest tagging (VGT)

Question 24

Describe External Switch Tagging (EST)

Answer 24

* the physical switches are responsible for VLAN tagging * there are no VLAN tags configured between the physical and virtual switches

Question 25

Describe Virtual Switch Tagging (VST)

Answer 25

the most commonly used configuration deployment where both the physical and virtual switches are configured for VLAN tagging

Question 26

Describe Virtual Guest Tagging (VGT)

Answer 26

* a deployment where the guest virtual machine performs the VLAN tagging * all VLAN tags pass from the physical switches through the virtual switching layer and arrive unchanged on the guest virtual machine networking stack

Question 27

What is the role of the vCenter plugin for Panorama?

Answer 27

enable VM monitoring in a vSphere environment

Question 28

What are the vCenter's plugin configuration components?

Answer 28

1. vCenter 2. Notify Group 3. Monitoring Definition

Question 29

What is the purpose of a Notify Group?

Answer 29

determine which device groups should be notified of VM changes

Question 30

What is the purpose of a Monitoring Definition?

Answer 30

synchronize the VM information from the configured vCenter server to the Notify Group definitions

Question 31

Which pieces of information does VM vCenter Panorama plugin pull from the VMs running in a vCenter?

Answer 31

* VM name * guest OS * annotation * VLAN ID * host IP * user-defined tag

Question 32

What is the purpose of the the NSX plugin for Panorama?

Answer 32

ensure simple deployment of VM-Series firewalls in the NSX-T environment

Question 33

What are the two NSX plugin components?

Answer 33

1. Service Manager 2. Service Definitions

Question 34

What kind of management refers to workloads moving from a physical host to a different physical host as the environment changes?

Answer 34

Resource management

Question 35

What kind of group defines how virtual machine connections are made through the vSphere Standard Switch to the physical network?

Answer 35

Port group

Question 36

Which two vSphere methods help you configure and manage your network resources?

Answer 36

* Virtual Ethernet Adapters (vNIC) * Single Root I/O Virtualization (SR-IOV)

Question 37

True or false? NSX-T requires both VM-Series firewalls and Panorama to be at version 9.1 or later for North-South implementation.

Answer 37

true

Question 38

Which component ensures simple deployment of VM-Series firewalls in your NSX-T environment?

Answer 38

Panorama NSX Plugin