Certain service appliances cannot be edited manually inside vCenter. For instance, VMware NSX Edge appliances are an example of such service appliances. These VMs are managed by the NSX Manager and you shouldn’t change their configuration manually. Normally. 😉

But sometimes you need to edit those VMs. There are not many reasons why you would want to do this (as it’s heavily unsupported), but one reason might be to free up resources in your home lab (which is exactly why I wanted to do this). For instance, NSX Edge appliances come with a CPU & memory reservation placed on … Read more


The VMware Fling labs is one of my favourite things, as it brings some awesome new tech straight from VMware R&D. Some of these flings flow to the product cycles (remember the HTML5 client, now default in vCenter?). And they did it again!

Ever since I’ve seen an internal session about this product, I’ve been anxiously waiting for it to be released (one way or another). Autopology just dropped on the Flings website. Autopology is a translator between your network drawings and the real-life configuration. It is a what-you-see-is-what-you-get editor where you can create drawings of a network topology and … Read more


NSX 6.3 has just been made generally available and it’s a humongous one. The changes in this new version reflect a new maturation phase in which NSX is now in. Here are my top picks, for the entire list of changes go here.

Controller Disconnect Operation (CDO) Mode

The control plane and data plane in SDN are inherently separated from each other. The control plane can be shut down without affecting the data plane, at least, affecting it immediately. Once the control plane is down, no changes can be made and the data plane operators (in NSXs case, the … Read more


I’ve been rolling out quite a few vRealize Network Insight deployments (labs, Proof-of-Concepts) and while the installation of NI is a cake walk (see automated installer here), add the data sources can be time consuming if you have a bunch of switches and/or other data sources which need to be imported.

The Network Insight team has done a very good job on the architecture of the product, where they are using all kinds of cool API calls to push and retrieve information from the NI backend. This is mostly done via JavaScript, which means the users browser is executing … Read more


The good people of vRealize Network Insight made the OVAs of Network Insight 3.2 Import-vApp safe, which means you can now install it with PowerCLI!

Network Insight consists of two VMs; the Platform VM and the Proxy VM. The setup process looks like this:

  • Deploy Network Insight Platform OVA to vSphere
  • Browse to the Platform UI and:
    • Active your license,
    • Generate a Shared Secret for use in the Proxy VM deployment.
  • Deploy Network Insight Proxy OVA to vSphere
  • Login to the Platform UI and start adding data sources and consume all the goodness that is Network Insight!

Having to deploy … Read more


IPv6 is here and IPv4 is definitely running out of time. Here in the Netherlands, the consumer internet providers have been “working on it” for years. I’ve been lobbying for IPv6 connectivity for years, without much luck. After a time of experimenting with IPv6-over-IPv4 tunnels and Teredo, I basically gave up on those technologies due to various reasons; high latency, complexity & subnet reputation (a lot of shady stuff was going on those free IPv6 subnets).

Recently, I finalized my IPv6 implementation in my hosted environment (couple of websites, other apps/databases), which also contains a NSX testlab. Considering … Read more


Amazon Web Services has a few ways of giving you connectivity: internet, Direct Connect (a physical line) and VPN. While AWS has a ton of examples for firewall/VPN vendors, there is none for connecting with NSX. I needed to connect a NSX network with AWS for a proof of concept and had to figure out how to configure AWS and what settings to use on the NSX Edge VPN. Behold, the fruits of my labor!

aws-nsx-vpn-topology

This is what we are going to be building in this post. Compute resources inside AWS connected with a VPN towards VMware NSX for corporate … Read more