Learn NSX Day 13 : Distributed Router and Distributed Logical Firewall

vDS (Distributed Switch)
An interface on a distributed switch can connect to the rest of the network


Advanced Settings



To implement:

  • Enable OSPF

  • Config uplink
  • Add subnet to new interface
  • Assign VLAN number to distributed port group for VLAN IF


There can be up to x1000 logical interfaces to one distributed router


Distributed Logical Firewall
Diagram to try and display my understanding of how the firewall rules apply based on security groups

Distributed Logical FirewallRules only apply to the ESXi hosts which have the source or destination VM traffic


Topics :
Learn NSX – Home
Learn NSX Day 1 : NSX Requirements
Learn NSX Day 2 : NSX Deployment Best Practice
Learn NSX Day 3 : NSX Manager and NSX Controller
Learn NSX Day 4 : NSX Roles
Learn NSX Day 5 : NSX HA, Edge, REST API
Learn NSX  Day 6 : NSX and Logical Switches
Learn NSX Day 7 : Deploying ESXi
Learn NSX Day 8 : vDS (vSphere Distributed Switch)
Learn NSX Day 9 : Load Balancing Feature
Learn NSX Day 10 : Layer 2 Bridging
Learn NSX Day 11 : NSX EDGE
Learn NSX Day 12 : Spoof Guard
Learn NSX Day 13 : Distributed Router and Distributed Logical Firewall
Learn NSX Day 14 : Monitoring
Learn NSX Day 15 : NSX Backups
Learn NSX Day 16 : Useful Commands & Errors


These are notes made during my study of VMware NSX for vSphere. Apologies if any of the detail is incorrect. Hopefully posts under “Learn NSX” help others to start learning about VMware NSX for vSphere.