We have briefly looked at transport zones in the previous chapters. A transport zone controls the domain of a logical switch among the hosts. In other words, it controls which hosts a logical switch can reach. A transport zone is configured on a per-cluster basis and can span multiple clusters in a vCenter. A universal transport zone can span multiple clusters across multiple vCenters. A transport zone dictates which hosts and, by extension, which virtual machines are allowed to participate in a particular network. In a typical environment, there can be more than one transport zone mapped to a host or to a cluster. However, a logical switch can only belong to one transport zone.
A virtual machine in one transport zone cannot communicate directly with a virtual machine that belongs to a different transport zone. This means that a vNIC is limited to spanning within the bounds of a transport zone. A virtual machine, however, can have multiple vNICs, each belonging to a different transport zone.
In a cross-vCenter NSX environment, you can create a universal transport zone that includes clusters from any vCenter in the entire environment, thereby extending your logical network. However, you can only create one universal transport zone.
A universal transport zone is created by the primary NSX manager and is synchronized across all the secondary NSX managers. A universal logical switch associated with a universal transport zone can extend to one or more vSphere clusters across multiple vCenters. There can only be one universal transport zone.
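The scoping rules above can be checked against an inventory export. The following is an added example, not code from the book or from NSX: the inventory, all names in it, and the decision to flag a VM whose vNICs sit in more than one transport zone as a review item are assumptions made for illustration.

```python
# Constructed inventory; every name below is hypothetical.
ZONES = {
    "TZ-Prod": {"universal": False, "clusters": {"Compute-A", "Compute-B"}},
    "TZ-DMZ": {"universal": False, "clusters": {"Edge-A", "Compute-A"}},
    "TZ-Univ": {"universal": True, "clusters": {"Compute-A", "Edge-A"}},
}
# A logical switch belongs to exactly one transport zone.
SWITCHES = {"ls-web": "TZ-DMZ", "ls-app": "TZ-Prod", "ls-db": "TZ-Prod"}
VMS = {
    "web01": {"cluster": "Edge-A", "vnics": ["ls-web"]},
    "db01": {"cluster": "Compute-B", "vnics": ["ls-db"]},
    "proxy01": {"cluster": "Compute-A", "vnics": ["ls-web", "ls-app"]},
    "stray01": {"cluster": "Compute-B", "vnics": ["ls-web"]},
}


def vm_zones(vm):
    """Transport zones a VM participates in, one per vNIC's logical switch."""
    return {SWITCHES[ls] for ls in VMS[vm]["vnics"]}


def shared_zones(vm_a, vm_b):
    """Zones both VMs sit in; an empty set means no direct communication."""
    return vm_zones(vm_a) & vm_zones(vm_b)


def audit():
    """Return (kind, subject, detail) findings for the inventory."""
    findings = []
    universal = sorted(z for z, cfg in ZONES.items() if cfg["universal"])
    if len(universal) > 1:
        findings.append(("multiple-universal-zones", "inventory", universal))
    for vm, cfg in sorted(VMS.items()):
        for ls in cfg["vnics"]:
            zone = SWITCHES[ls]
            if cfg["cluster"] not in ZONES[zone]["clusters"]:
                # The VM's cluster is outside the zone, so the switch cannot reach its host.
                findings.append(("switch-out-of-scope", vm, (ls, zone)))
        zones = sorted(vm_zones(vm))
        if len(zones) > 1:
            # Multi-vNIC VM with a foot in several zones: review as a possible bridge.
            findings.append(("spans-multiple-zones", vm, zones))
    return findings


if __name__ == "__main__":
    for finding in audit():
        print(finding)
    print("web01 <-> db01 shared zones:", shared_zones("web01", "db01"))
```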
To add a transport zone, follow these steps:
- Go to Home | Networking & Security | Installation | Logical Network Preparation tab | Transport Zones.
- Click on the + icon to add a new transport zone. To add a universal transport zone in a cross-vCenter NSX environment, you have to select the primary NSX manager.
- Enabling Mark this object for Universal Synchronization allows this to be a universal transport zone.
- Name the transport zone appropriately.
- Select a Replication mode:
  - Multicast: Instead of deploying controller clusters, you can use multicast IP addresses in the physical network for your control plane in this mode. This mode requires PIM/IGMP configured in your physical network.
  - Unicast: The control plane is managed by NSX by means of the controller clusters. No changes are needed in the physical network.
  - Hybrid: Hybrid mode offloads any local traffic replication to the physical network by means of multicast. This requires IGMP snooping to be configured in your physical network.
- Select the clusters you want this transport zone to span to. A transport zone will remain local to the NSX Manager it was created in. A universal transport zone will span to all NSX environments in a cross-vCenter NSX deployment. Click OK when done.
- The transport zone is now created. Notice the scope and the icon difference between a Global and a Universal transport zone.
You can double-click on a transport zone to manage its settings. Alternatively, you can use the Actions drop-down to change the settings. You can also add or remove any clusters from the transport zone membership as required.