NSX-V 6.1 Configuration Maximums
It was not that easy to find this information on the official VMware website. However, during a current NSX-V integration project, we received the following Configuration Maximums table from VMware PSO, including the permission to share the content with the community. Credit goes to Aleksander Bukowinski.
As soon as the information will be publicly available, I will insert the link in this article.
Currently, an NSX-V domain has a 1-1 relationship with a vCenter. Therefore NSX-V depends on the vSphere / VC scale limits for many parameters – you can find those limits for vSphere 5.5 here:
This information is based on NSX 6.1
# of Nodes
NSX Controllers: 3
vCenter Clusters: 12
Hosts per Cluster: 32
Hosts per Transport Zone: 256
Logical Switch: 10,000
Logical Switches Ports: 50,000
VXLAN/VLAN bridging per DLR: 500
Maximum number of L2VPN clients (spoke) handled by a single L2VPN server (hub): 5
Rules per NSX-Mgr: 100,000
Rules per VM: 1,000
Rules per host: 10,000
Concurrent connections per host: 2,000,000
Security Groups per NSX-Mgr: 10,000
Note: “the # of rules supported” = the # of rules defined (even if the rule has many source / destination elements).
L3-Distributed Logical Router (DLR)
Distributed Logical Routers: 1000 per Host as of 6.1.2, 100 for earlier releases
Note: 1,200 per NSX-Manager
Note: HA doesn’t change the scale of DLR.
The DLR has interfaces connected to Logical Switches. A LS is in a Transport Zone. A TZ contains Clusters. All those Clusters/ESXi will get that DLR installed in kernel.
So to go over 1000 DLR in a NSX Domain, you must create multiple TZ with different Clusters in each TZ.
Interfaces per DLR: 999 with a max of 8 uplinks
Routes per DLR: 2,000 (including the connected)
Note: 12,000 per NSX-Manager
OSPF adjacencies per DLR: 10
BGP neighbors per DLR: 10
L3-Edge Service Gateway (ESG)
Edge Service Gateways: 2,000
Note: HA doesn’t change the scale of Edges.
Interfaces: 10 interfaces (internal, uplink, or trunk)
Note: With trunk, 200 sub-interfaces per Edge
NAT rules per ESG (all sizes): 2,000
Static routes per ESG (all sizes): 2,048
BGP routes per ESG (compact / large / x-large / quad-large): 20,000 / 50,000 / 250,000 / 250,000
BGP neighbors per ESG (compact / large / x-large / quad-large): 10 / 20 / 50 / 50
BGP routes redistributed (all sizes): no limit
OSPF routes per ESG (compact / large / x-large / quad-large): 20,000 / 50,000 / 100,000 / 100,000
OSPF adjacencies per ESG (compact / large / x-large / quad-large): 10 / 20 / 40 / 40
OSPF routes redistributed (compact / large / x-large / quad-large): 2,000 / 5,000 / 20,000 / 20,000
Total number of routes (compact / large / x-large / quad-large): 20,000 / 50,000 / 250,000 / 250,000
FW rules per ESG (all sizes): 2,000
Concurrent connections per host (compact / all other sizes): 64,000 / 1,000,000
Load Balancer VIPs per ESG (all sizes): 64
Load Balancer Pools per ESG (all sizes): 64
Load Balancer Servers per Pool (all sizes): 32
DHCP Pools per ESG (all sizes): 20,000
IPSEC / VPN
Number of IPSEC / VPN per ESG (all sizes): No limit
Number of IPSEC Tunnels per ESG (compact / large / quad-large / x-large): 512 / 1600 / 4096 / 6000
Note: # of tunnels = (number of local subnets) x (number of peer subnets)
Number of conc sessions (compact / large / quad-large / x-large): 50 / 100 / 100 / 1000