SDDC Groups with VMware Transit Connect™

Nay Mo Htet

December 7, 2022

The VMC on AWS SDDC Version 1.12 release brings many exciting new features to our customers. With this release, SDDC networking becomes easier to manage, more scalable, and more performant with VMware Transit Connect™. This feature was in Preview earlier and is now Generally Available in this release. It opens many opportunities for our customers to innovate on VMC on AWS and sets the stage for the next-generation network for hybrid cloud.

VMware Transit Connect delivers VMware-managed, easy-to-use, scalable, and performant connectivity between VMware Cloud on AWS SDDCs. It uses a new feature called SDDC Groups. It leverages the AWS Transit Gateway (TGW) to provide high-bandwidth, low-latency connectivity between SDDCs in the group and other VPCs in the same region. You can also add a Direct Connect Gateway (DXGW) to provide centralized connectivity to your on-premises SDDCs.

In this post, I introduce using SDDC Groups with the new VMware Transit Connect.

Start with the diagram below. Before VMware Transit Connect, you needed to establish VPN connectivity between SDDCs, so the use cases for integrating production workloads between SDDCs were limited by VPN throughput and latency.

VMware Transit Connect is now available to enable customers to build multi-SDDC architectures with highly scalable, resilient, and high-speed connectivity.

You can create an SDDC Group with multiple SDDCs, which automatically enables connectivity between the VMware Cloud on AWS SDDC Group members. The SDDC Group allows any-to-any high-bandwidth, low-latency connectivity between SDDC Group members in a single AWS region. Each SDDC attachment can handle up to 50 Gbits/second of burst traffic.

Since the initial launch of VMware Cloud on AWS, every SDDC has been cross-linked via ENI to a VPC within the customer-owned AWS account. Our customers have been using this feature to innovate on their workload integrations and modernize applications with a breadth of AWS services.

As you can see in the diagram below, before VMware Transit Connect, you needed to establish VPN connectivity to any other VPCs to deploy hybrid applications across your SDDCs and AWS VPCs.

VMware Transit Connect brings it to the next level to enable high bandwidth, low latency connectivity between SDDCs and VPCs to build high-speed hybrid applications.

Our customers are wholeheartedly using AWS Direct Connect (DX) to achieve a dedicated connection between the on-premises network and SDDC workloads, providing predictable bandwidth and latency performance. Note that a Direct Connect Private VIF must be attached to each individual SDDC. With the recommended setup for a production environment, it is not uncommon to find redundant AWS Direct Connect connections, which increase the number of Private Virtual Interfaces attached to your SDDC. You can attach up to 4 Private VIF connections per SDDC.

VMware Transit Connect gives you another connectivity option between your SDDC and your on-premises data center. It enables you to centralize connectivity to an SDDC Group using a Direct Connect Gateway, providing DX connectivity to all SDDC Group members. You no longer need to configure a Direct Connect Private VIF for each individual SDDC, which reduces your network management overhead and simplifies the network architecture.

A Direct Connect gateway is a globally available resource, so you can now access the SDDC Group from any Direct Connect location.

As you can see, SDDC Groups with VMware Transit Connect provide customers with the ability to logically organize a set of SDDCs to simplify networking models and management at scale. You can quickly build multiple SDDCs whose workloads need a high-bandwidth, low-latency connection to each other.

Here are a couple of other things you should know about Transit Connect routing.

Traffic originating from SDDCs can be routed as SDDCs-to-SDDCs, SDDCs-to-VPCs, and SDDCs-to-DXGW using the VMware Managed Transit Gateway (VTGW).

Traffic originating from VPCs or DXGW can be routed as VPCs-to-SDDCs, DXGW-to-SDDCs using VTGW. 

VPCs-to-VPCs and VPCs-to-DXGW traffic is blocked by the VTGW. This routing policy is enforced because, as a VMware managed service, our SRE teams need observability of an SDDC at one end of the flow. It is not uncommon to find customers using AWS Transit Gateway to simplify VPC network architecture. For example, you can go to this diagram that illustrates this topology.
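The routing rules above can be checked against a planned flow list before any attachment is created, which catches both flows that will be silently dropped and flows wrongly assumed to be isolated. The following Python sketch is an added example, not VMware code; the attachment names, regions, and the `check_flow` and `audit` helpers are hypothetical. It assumes that every flow without an SDDC at one end (including DXGW-to-VPC) is blocked, following the rationale stated above, and that SDDCs and VPCs must sit in the group's single region.

```python
from dataclasses import dataclass
from typing import Optional

SDDC, VPC, DXGW = "sddc", "vpc", "dxgw"

@dataclass(frozen=True)
class Attachment:
    name: str
    kind: str                      # SDDC, VPC or DXGW
    region: Optional[str] = None   # None for a DXGW, which is a global resource

def check_flow(src, dst, group_region):
    """Return (allowed, reason) for traffic from src to dst across the VTGW."""
    for end in (src, dst):
        # SDDC members and attached VPCs must be in the group's single region.
        if end.kind != DXGW and end.region != group_region:
            return False, f"{end.name} is outside group region {group_region}"
    # Policy from the post: an SDDC must be at one end of every flow.
    if SDDC not in (src.kind, dst.kind):
        return False, "no SDDC at either end of the flow"
    return True, "SDDC at one end of the flow"

def audit(flows, group_region):
    """Split planned flows into those the VTGW carries and those it drops."""
    carried, dropped = [], []
    for src, dst in flows:
        ok, reason = check_flow(src, dst, group_region)
        (carried if ok else dropped).append((src.name, dst.name, reason))
    return carried, dropped

# Constructed sample design (all names and regions are made up).
prod = Attachment("sddc-prod", SDDC, "us-west-2")
dr = Attachment("sddc-dr", SDDC, "us-west-2")
app = Attachment("vpc-app", VPC, "us-west-2")
logs = Attachment("vpc-logging", VPC, "us-west-2")
remote = Attachment("vpc-remote", VPC, "eu-west-1")
onprem = Attachment("dxgw-onprem", DXGW)

PLANNED = [(prod, dr), (prod, app), (onprem, prod),
           (app, logs), (app, onprem), (remote, prod)]

if __name__ == "__main__":
    carried, dropped = audit(PLANNED, "us-west-2")
    for s, d, why in carried:
        print(f"CARRIED {s} -> {d}: {why}")
    for s, d, why in dropped:
        print(f"DROPPED {s} -> {d}: {why}")
```

Flows reported as dropped need a separate path, such as the customer-managed AWS Transit Gateway mentioned above.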

Take a look at the product page and the documentation to learn more.

Nay is a Specialist Solution Architect for VMware Cloud on AWS within the Cloud Customer Success Team at VMware. He focuses on helping customers realize ultimate success with innovative solutions using VMware Cloud services. Nay has over 14 years of extensive experience with a strong background in transformative technology solutions on end-user computing, data center transformation, and cloud computing. 

Nay Mo Htet

Cloud Customer Success Architect, VMware
