When deploying east-west network introspection, which Service Virtual Machine (SVM) deployment method achieves the least amount of traffic hairpinning?
A.
Create a secondary vNIC on each quest VM for SVM communication.
B.
Place a partner SVM on each compute cluster node.
B should be the correct answer.
"For SVMs deployed on compute hosts, an SVM does not need to be installed on every host. Some customers prefer to deploy the partner SVM on each host to achieve the least amount of traffic hairpinning.
When the partner SVM is deployed in a service cluster, traffic is sent from the compute hosts across the overlay to the hosts in the service cluster."
Taken from NSX-T ICM 3.0 Lecture Manual
That is an excellent excerpt from the Lecture Manual. Another supporting document below for Choice B.
https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.0/administration/GUID-891363D9-D7D6-418B-9C81-33F2A42EA665.html
Deploy partner service VMs that run the partner security engine on all the NSX-T Data Center hosts in a cluster. After you deploy the SVMs, you can create policy rules used by SVM to protect guest VMs.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
diegof1
Highly Voted 4 years, 7 months ago[Removed]
4 years, 6 months agoNSXT
Highly Voted 4 years, 7 months agoLazylinux
Most Recent 3 years, 4 months agogomtini
3 years, 7 months ago[Removed]
4 years, 3 months agomissaw84
4 years, 5 months ago