Network admins hate stretching VLANs across data centers, we absolutely hate it. It causes potential instability on a inter-data center scope, destroys our isolated fault domains; something happens with VLAN X on site A, it also can take down site B (unless you take special precautions). I spent a few hours last week and the week before to help out customers that had that exact issue, which triggered this post.

The entire idea of stretching VLANs between data centers is about virtual machine mobility. You can do a failover between sites and don’t have to make adjustments to your applications … Read more


NSX 6.2.3 was released a few weeks ago and brought a bunch of new stuff and fixes. I came across an undocumented change not mentioned in the release notes, which caused me some head ache, this post describes that change.

The NSX Edge Services Gateway can provide you with a SSL-VPN solution, making it possible for road-warriors to connect to the secured virtual network or make it possible for developers to connect to duplicate development environments. The SSL-VPN client is a lightweight and easy to use VPN client and you can set all kinds of policies as the VPN … Read more


If you want to remove VMware NSX from your vSphere environment, it’s as simple as reversing the installation steps (remove logical network configuration, remove NSX Service VMs, remove the NSX VIBs from the ESXi hosts and remove the NSX Manager). NSX is completely managed through the vSphere Web Client connecting to your vCenter. After you have reversed the installation steps, you are left with the NSX solution inside the vSphere Web Client.

vmguru-vsphere-web-client-nsx

Removing the NSX Solution from vCenter

Inside vCenter there’s the Managed Object Browser (MOB), which has access to all objects in the vCenter system and you can … Read more


VMware NSX 6.2.3 was released today and it’s a good one! There’s a lot of improvements and some new stuff in there, it’s a hell of a maturing release. Below are a few highlights.

NSX for vShield Endpoint license

There’s a default license generated when you install NSX now, and it defaults on the NSX for vShield Endpoint license. This means you can by default (and without cost) manage anti-virus offloading functionality. This is one step closer to a vShield replacement and an open download.

NSX Hardware Layer 2 Gateway Integration

This has been in the works for a while … Read more



VMware NSX is completely software based. This means it’s flexible as heck and you can have a lot of instances running concurrently. It also means you can go crazy with your network topology designs and amount of tinkering you can do with your virtual network. I am someone who loves to tinker. Sometimes a bit too much. A consequence of this, is that I sometimes break my virtual test lab and have to re-install it and return to the starting point. This has happened … Read more



One of the great things of all network virtualization solutions, is that they can be automated using some form of API that they publish. Cisco ACI is no different and offers a RESTful API which you can consume to do stuff on the network. Well, it’s a ‘sort-of’ RESTful API, as they only seem to use GET and POST functions, no DELETE, PUT, etc. Instead to delete an object, you do a POST with the status ‘deleted’. Anyway, details.

PowerTool

Cisco has a PowerShell … Read more



The VMware Identity Manager (previously known as Workspace Portal) is a virtual appliance with Linux on it. When you install it, you configure a root and admin password for access to the administration interface. You need this password for appliance maintenance, upgrades, etc. As with keys, it is possible to loose this password and being unable to upgrade the appliance (as a colleague of mine learned).

As the password reset process is not really documented fully, I thought I’d throw the steps to reset … Read more