Migration & Modernization

Understanding Layer 2 Extensions: Comparing Three Prominent Solutions

Layer 2 (L2) network extensions play a critical role in hybrid cloud and data center migrations by providing seamless connectivity between on-premises and cloud environments. They allow virtual machines (VMs) to keep their IP and MAC addresses, ensuring application continuity during migrations or hybrid deployments. Three prominent solutions for L2 extensions are VMware HCX, Nutanix Move, and Cisco Catalyst 8000V. This blog post explores their advantages and differences to help organizations choose the right tool for their needs.

What are Layer 2 Extensions?

Layer 2 extensions bridge network segments across geographically dispersed sites, creating a unified broadcast domain. This allows VMs to communicate as if they were on the same local network, even when some live on-premises and others in the cloud. L2 extensions are useful during migrations, as they minimize network reconfiguration and reduce application downtime. Let’s dive into the specifics of VMware HCX, Nutanix Move, and Cisco Catalyst 8000V, comparing their strengths and differences.

VMware HCX: Robust and VMware-Optimized

VMware HCX (Hybrid Cloud Extension) is a workload mobility platform designed to simplify virtual machine (VM) migrations and network extensions across VMware-based environments, including VMware Cloud on AWS, Azure VMware Solution, and on-premises vSphere environments.

Advantages

  1. Seamless VMware Integration: HCX integrates tightly with VMware vSphere versions 7.x and above with limited connector support for 6.5x. It works with VMware NSX and vSphere Distributed Switches, making it ideal for VMware-centric environments. It automates the deployment of Network Extension (NE) appliances, simplifying setup and management.
  2. High-Performance Network Extension: HCX Network Extension (NE) offers high throughput (4–6 Gbps) for L2 extensions, ensuring low-latency communication between on-premises and cloud environments. Features like TCP Flow Conditioning reduce fragmentation, and Mobility Optimized Networking (MON) optimizes routing for extended networks, minimizing trombone routing effects.
  3. Flexible Migration Options: HCX supports multiple migration types (e.g., vMotion, cold migration, and bulk migration), enabling both live and offline VM transfers without IP changes. It also supports extending VLAN and VXLAN networks, preserving existing network policies. This was critical for customers migrating from the original NSX-V to the current NSX-T, which is included in VCF 5.2.1.
  4. High Availability (HA): As of HCX 4.3, NE appliances have the option of HA pairs, reducing downtime during failures or upgrades. The in-service upgrade feature minimizes disruption to seconds.
  5. Broad Cloud Support: HCX integrates with major cloud providers like AWS, making it a versatile choice for hybrid cloud strategies.

Limitations

  • VMware-Centric: HCX is primarily for VMware environments, which might limit its appeal for organizations using other hypervisors like Nutanix AHV or Hyper-V.
  • Licensing Requirements: HCX Network Extension requires a VMware Cloud Foundation license for on-premises environments, potentially increasing costs.
  • Trombone Routing: The default gateway remains on-premises, potentially causing traffic to route back to the source site, increasing latency unless mitigated with MON.

Nutanix Move: Simplified Migration for Hybrid Clouds

Nutanix Move is a migration tool designed to facilitate VM transitions to Nutanix Cloud Clusters (NC2) and other Nutanix environments. It supports L2 extensions to bridge on-premises VMware environments to Nutanix-hosted clouds, often using Cisco CSR1000V or Nutanix Gateway appliances for connectivity.

Advantages

  1. Hypervisor-Agnostic Flexibility: Nutanix Move supports migrations from VMware ESXi, Hyper-V, and other hypervisors to Nutanix AHV or NC2, offering greater flexibility for mixed environments. It can extend networks using third-party routers like Cisco CSR1000V when Nutanix is not running on-premises.
  2. Policy-Based Routing (PBR): Unlike VMware HCX, Nutanix Move has fine-tuned routing control using PBR, empowering administrators to optimize traffic flows and reduce trombone routing. This is useful for cloud-hosted VMs.
  3. Simplified Management: Nutanix Move integrates with Prism Central, providing a unified management interface for compute, storage, and networking. This reduces complexity compared to managing separate VMware tools like vCenter.
  4. Cost-Effective Licensing: Nutanix uses a node-based licensing model, which can be more predictable and cost-effective for smaller organizations compared to VMware’s core-based licensing.
  5. Cloud-Native Design: Optimized for Nutanix Cloud Clusters on AWS, Azure, and other clouds, Nutanix Move is a compelling choice for organizations adopting Nutanix’s hyper-converged infrastructure (HCI).

Limitations

  • Manual Network Configuration: Unlike HCX’s automated bridging, Nutanix requires manual recreation of on-premises networks as overlays in the cloud, making it complex.
  • Dependency on Third-Party Routers: For non-Nutanix on-premises environments, L2 extensions rely on external routers like Cisco CSR1000V, adding complexity and potential costs.
  • Potential Latency: L2 extensions might introduce latency caused by trombone routing. Using PBR is a mitigation technique, but doesn’t fix the issue completely.

Cisco Catalyst 8000V: Virtual Router for Multi-Cloud Flexibility

The Cisco Catalyst 8000V is a virtual router designed for SD-WAN, WAN gateway, and network services in virtualized environments. It supports L2 extensions using protocols like LISP (Locator/ID Separation Protocol) to bridge on-premises and cloud networks.

Advantages

  1. Multi-Cloud Versatility: The Catalyst 8000V supports deployment on AWS and other hyperscalers, making it highly adaptable for multi-cloud strategies. It can extend L2 networks to public clouds without requiring changes to server IP addresses or subnet configurations.
  2. Rich Feature Set: Built on Cisco IOS XE, the Catalyst 8000V offers enterprise-grade features like SD-WAN, IPSec VPNs, NAT, QoS, and next-generation firewall capabilities, making it more than an L2 extension tool. It supports LISP for L2 extensions, providing a lightweight and scalable solution for network stretching.
  3. High Performance: Optimized for low-latency applications, the Catalyst 8000V supports high-throughput L2 extensions, especially when configured with proper vCPU and memory resources. Features like CPU pinning and NUMA tuning enhance performance in virtualized environments like KVM and VMware ESXi.
  4. Broad Hypervisor Support: It runs on VMware ESXi, Red Hat KVM, and public cloud environments, offering flexibility for diverse infrastructures.
  5. Simplified Licensing: The Catalyst 8000V uses Cisco’s Smart Licensing Using Policy framework, which is included with Cisco DNA Software subscriptions, streamlining licensing for enterprises.

Limitations

  • Complex Configuration: Configuring LISP-based L2 extensions requires expertise in Cisco IOS XE and network protocols, which is challenging for teams without Cisco experience.
  • No Native VMware Integration: Unlike HCX, the Catalyst 8000V is not specifically optimized for VMware environments, requiring additional configuration for vSphere-based setups.
  • Resource Intensive: The router requires larger instance types depending on the performance and the number of L2 extension (L2E) IPs required, potentially increasing costs in virtualized deployments.

Considerations

Compared to the migration and L2E capabilities of VMware and Nutanix, the Cisco 8000V provides more flexibility because it does not depend on a particular type of hypervisor. This technology can be used with both physical and virtual infrastructures. The factors that influence the architecture are the networking capabilities on each side of the extension. When an AWS subnet is on one or both sides of the extension, the following items must be considered:

  • The quantity of workloads that require L2Es.
  • EC2 instance type and secondary IP capacity. This directly determines the number of L2Es supported by the appliance instance. Read more in our documentation.
  • Costs of EC2 appliance and costs of the Cisco 8000V.
  • Deployment includes a 90-day trial and Cisco TAC (support) during the trial.
  • The tunnel between both appliances is an IPSec connection. This handles connections through the public internet and through AWS Direct Connect.
  • Find detailed documentation about the Cisco 8000V configuration for AWS in Cisco’s configuration guide.

Key Differences

| Feature | VMware HCX | Nutanix Move | Cisco Catalyst 8000V |
|---|---|---|---|
| Primary Use Case | VMware-to-VMware migrations and hybrid cloud | VMware to Nutanix migrations | Multi-cloud L2 extensions and SD-WAN |
| Hypervisor Support | VMware ESXi (primary), limited others | VMware ESXi, Hyper-V, Nutanix AHV | VMware ESXi, KVM, public clouds |
| L2 Extension Mechanism | L2VPN via HCX-NE appliances | VXLAN with Nutanix GW or Cisco CSR1000V | LISP-based L2 extension |
| Default Gateway Location | On-premises (trombone routing) | Flexible with PBR, can be cloud-based | Configurable, often enterprise-based |
| Performance | 4–6 Gbps with TCP Flow Conditioning | Dependent on GW/router, PBR optimization | High, optimized for low-latency apps |
| Management Interface | HCX Manager, integrated with vCenter | Prism Central | Cisco IOS XE CLI or GUI tools |
| Cloud Integration | VMC and EVS | Nutanix NC2 on AWS | Yes |
| Licensing | VMware Cloud Foundation (VCF) | Node-based, subscription options | Cisco DNA Software subscriptions |
| Ease of Use | Automated, VMware-centric | Manual network recreation, simpler UI | Complex, requires Cisco expertise |

Choosing the Right Solution

  • Choose VMware HCX if you’re heavily invested in VMware vSphere and need a seamless, high-performance solution for migrations to VMware Cloud on AWS or other VMware-based clouds. It’s ideal for organizations prioritizing automation and VMware ecosystem compatibility.
  • Choose Nutanix Move if you’re transitioning from VMware to Nutanix AHV or NC2 and want a hypervisor-agnostic solution with flexible routing options. It’s best for organizations adopting Nutanix’s HCI and seeking simplified management.
  • Choose Cisco Catalyst 8000V if you need a versatile, multi-cloud solution with robust networking features beyond L2 extensions, such as SD-WAN or firewall capabilities. It’s suited for organizations with Cisco expertise and complex, multi-cloud architectures.

Conclusion

Each of these solutions (VMware HCX, Nutanix Move, and Cisco Catalyst 8000V) offers unique strengths for Layer 2 extensions, tailored to different use cases and environments. VMware HCX excels in VMware-centric deployments with high performance and automation. Nutanix Move provides flexibility for Nutanix migrations and simplified management. Cisco Catalyst 8000V offers unparalleled multi-cloud versatility and enterprise-grade networking features. By understanding your organization’s infrastructure, cloud strategy, and technical expertise, you can select the tool that best aligns with your migration and hybrid cloud goals.

This blog provides a high-level comparison based on available information. Always consult official documentation and test solutions in your environment to ensure compatibility and performance.