VMware NSX-v Configuration Maximums
VMware usually publishes a Configuration Maximums paper on their products. NSX has quite a bit of specifics that have a limit, but there is not an official configuration maximums paper yet. I hope there will be one soon, but for now I’ve compiled a list of findings from my travels on the interwebs.
Most of the figures on NSX 6.1 are confirmed by a paper from PSO, others are from the documentation and real life limits.
| Description | NSX 6.1 | NSX 6.2 | NSX 6.3 |
|---|---|---|---|
| Relations | |||
| vCenters | 1 | 1 | 1 |
| DRS Clusters | 12 | 12 | 16 |
| NSX Controllers | 3 | 3 | 3 |
| Hosts per cluster | 32 | 32 | 32 |
| Hosts per Transport Zone | 256 | 512 | 512 |
| Layer 2 | |||
| Logical Switches | 10,000 | 10,000 | 10,000 |
| Logical Switch Ports | 50,000 | 50,000 | 50,000 |
| Bridges per DLR | 500 | 500 | 500 |
| Distributed Firewall | |||
| Rules per NSX Manager | 100,000 | 100,000 | 100,000 |
| Rules per VM | 1,000 | 3,500 | 3,500 |
| Rules per Host | 10,000 | 10,000+ 1 | 10,000+ 1 |
| Concurrent connections per Host | 2,000,000 | 2,000,000 | 2,000,000 |
| Security Groups per NSX Manager | 10,000 | 10,000 | 10,000 |
| Distributed Logical Router | |||
| DLRs per Host | 1,000 (6.1.2+) | 1,000 | 1,000 |
| DLRs per NSX Manager | 1,200 | 1,200 | 1,200 |
| Interfaces per DLR | 999 2 | 999 2 | 999 2 |
| Uplink interfaces per DLR | 8 | 8 | 8 |
| Active routes per DLR | 2,000 | 2,000 | 2,000 |
| Active routes per NSX Manager | 12,000 | 12,000 | 12,000 |
| OSPF Adjacencies per DLR | 10 | 10 | 10 |
| BGP Peers per DLR | 10 | 10 | 10 |
| NSX Edge Services Gateway | |||
| ESGs per NSX Manager | 2,000 | 2,000 | 2,000 |
| Interfaces per ESG (internal, uplink or trunk) | 10 | 10 | 10 |
| Subinterfaces on a trunk | 200 | 200 | 200 |
| Static routes per ESG | 2,048 | 2,048 | 2,048 |
| ESG - Compact | |||
| NAT Rules per ESG | 1,024 | 2,048 | 2,048 |
| OSPF Routes per ESG | 20,000 3 | 20,000 3 | 20,000 3 |
| OSPF Adjacencies per ESG | 10 | 10 | 10 |
| BGP Peers per ESG | 10 | 10 | 10 |
| BGP Routes per ESG | 20,000 | 20,000 | 20,000 |
| Total Routes per ESG | 20,000 | 20,000 | 20,000 |
| Concurrent connections per ESG | 64,000 | 64,000 | 64,000 |
| Load Balancer VIPs | 64 | 64 | 64 |
| Load Balancer Pools | 64 | 64 | 64 |
| Load Balancer Servers per Pool | 32 | 320 | 320 |
| SSL-VPN Concurrent connections | 50 | 50 | 50 |
| ESG - Large | |||
| NAT Rules per ESG | 1,024 | 2,048 | 4,096 |
| OSPF Routes per ESG | 50,000 3 | 50,000 3 | 50,000 3 |
| OSPF Adjacencies per ESG | 20 | 20 | 20 |
| BGP Peers per ESG | 20 | 20 | 20 |
| BGP Routes per ESG | 50,000 | 50,000 | 50,000 |
| Total Routes per ESG | 50,000 | 50,000 | 50,000 |
| Concurrent connections per ESG | 1,000,000 | 1,000,000 | 1,000,000 |
| Load Balancer VIPs | 64 | 64 | 64 |
| Load Balancer Pools | 64 | 64 | 64 |
| Load Balancer Servers per Pool | 32 | 320 | 320 |
| SSL-VPN Concurrent connections | 100 | 100 | 100 |
| ESG - X-Large | |||
| NAT Rules per ESG | 1,024 | 2,048 | 4,096 |
| OSPF Routes per ESG | 100,000 3 | 100,000 3 | 100,000 3 |
| OSPF Adjacencies per ESG | 40 | 40 | 40 |
| BGP Peers per ESG | 50 | 50 | 50 |
| BGP Routes per ESG | 250,000 | 250,000 | 250,000 |
| Total Routes per ESG | 250,000 | 250,000 | 250,000 |
| Concurrent connections per ESG | 1,000,000 | 1,000,000 | 1,000,000 |
| Load Balancer VIPs | 64 | 1024 | 1024 |
| Load Balancer Pools | 64 | 1024 | 1024 |
| Load Balancer Servers per Pool | 32 | 3072 | 3072 |
| SSL-VPN Concurrent connections | 100 | 100 | 100 |
| ESG - Quad-Large | |||
| NAT Rules per ESG | 1,024 | 2,048 | 8,196 |
| OSPF Routes per ESG | 100,000 3 | 100,000 3 | 100,000 3 |
| OSPF Adjacencies per ESG | 40 | 40 | 40 |
| BGP Peers per ESG | 50 | 50 | 50 |
| BGP Routes per ESG | 250,000 | 250,000 | 250,000 |
| Total Routes per ESG | 250,000 | 250,000 | 250,000 |
| Concurrent connections per ESG | 1,000,000 | 1,000,000 | 1,000,000 |
| Load Balancer VIPs | 64 | 1024 | 1024 |
| Load Balancer Pools | 64 | 1024 | 1024 |
| Load Balancer Servers per Pool | 32 | 3072 | 3072 |
| SSL-VPN Concurrent connections | 1000 | 1000 | 1000 |
| ESG - All Sizes | |||
| Firewall rules per ESG | 2,000 | 2,000 | 2,000 |
| DHCP Pools per Edge Service Gateway | 20,000 | 20,000 | 20,000 |
1 = Maximum depends on multiple factors, can be different in different environments.
2 = Maximum of 991 internal and max 8 uplinks
3 = Maximum of 750 LSA type-1 routes
Change log
6 Feb 2017: Added 6.2 and 6.3, removed 6.1 as it’s end-of-life.
Disclaimer
None of these numbers are officially confirmed by VMware and they can differ in different environments. I’m hoping there will be an official document stating the maximums in the future.