Everything shown here is included in all OpenShift subscriptions.

As enterprises shift from VMware to OpenShift Virtualization, one of the most common questions is: how do networking concepts map across? This post walks through key visual mappings to help make that connection.

Figure 1: Virtual Machine Networking in OpenShift

This diagram shows how VMs in OpenShift can connect to:

• OpenShift SDN (for pods and services), or

• External networks via Multus and nmstate.

Supported interface types include:

• Linux Bridge

• VLAN

• Bond

• Ethernet

This architecture is fully supported and replicates VMware flexibility at the node level.

Figure 2: Core VMware to OpenShift Mapping

Here we map:

• VM Network ➝ NetworkAttachmentDefinition (NAD)

• Virtual Machine ➝ OpenShift VirtualMachine resource

• Physical NIC ➝ Configured via NodeNetworkConfigurationPolicy (NNCP)

Think of NAD as the way you attach your VM to a Port Group.

Figure 3 & 4: OVS-Bridges and NADs

• OVS bridges are equivalent to Distributed Switch Port Groups in VMware and are configured via NNCPs.

• NADs are created within each OpenShift project/namespace and map to port groups such as airgap-VLAN999.

This mapping gives OpenShift Virtualization full parity with DVS and vNIC connectivity models.

Figure 5: Micro-segmentation with OpenShift SDN

OpenShift supports NetworkPolicies to enable true micro-segmentation, even for VMs.

✅ You can:

• Allow or deny traffic between pods, VMs, and namespaces

• Use fine-grained rules like:

  • allow traffic to a VM on port 8080

  • block all ingress from other projects

  • isolate traffic to/from specific labels

These policies are native to OpenShift and extend automatically to VMs.

By combining OpenShift SDN + Multus + nmstate, you can fully recreate and improve upon VMware networking setups — and it’s all included in your OpenShift subscription.