Tagnsx

GRE Tunnels & Dynamic Routing in NSX 6.4

There was a line in the NSX 6.4 release notes that caught my eye: “Support for BGP and static routing over GRE tunnels.” – First thought was “awesome, dynamic routing over a VPN”. But then I realized that that GRE tunnel in itself is a new feature as well, which the release notes don’t really mention. The VMware Docs website also doesn’t mention anything about it.

After a bit of digging, it appears that this feature has been added primarily to support the VMware on AWS architecture and connectivity towards that platform. But that doesn’t mean us mortals can’t use … Read more

NSX for vSphere 6.4 is here (and it’s massive!)

Just as the title says, NSX-v 6.4 has just dropped. I my opinion, they should’ve called it NSX-v 7.0 though, considering the amount of new and cool stuff that is in there. I’ll go through the most prolific new and shiny features below.

Distributed Firewall Layer 7 Functionality – App ID

Traditionally the DFW could handle layer 2 to layer 4 rules. With NSX 6.4, there is some layer 7 functionality which becomes available. This is done by pushing a new VIB to ESXi hosts which looks inside the traffic flows. This new module will recognise App ID inside network … Read more

Restoring a NSX Edge Gateway

NSX Manager has a backup and restore functionality. That process creates a backup of the entire NSX fabric and puts that backup on a remote (s)FTP server. All configuration is available within that backup, the Edge configuration is not separate. Being a good IT-citizen, of course the backup is one of the configurations you do during the installation, so you always have a backup available.

I have a couple points for this post:

  1. You can restore a NSX Manager backup non-disruptively (*),
  2. When you restore a NSX Manager backup, existing NSX Edges are not effected and continue to operate,
  3. If
Read more

Host Preparation Troubleshooting Enhancements with NSX 6.3.5

VMware NSX 6.3.5 was released last week. This is a maintenance release and addresses 32 issues in previous versions. You can find the release notes here.

One thing caught my eye which is a very welcome addition to 6.3.5;

  • Host prep now has troubleshooting enhancements, including additional information for “not ready” errors

As the release notes don’t go into detail what that exactly means, I did some digging. From 6.3.5 and above, the NSX UI will now show the failure messages from EAM when the host preparation fails. For instance, you’ll see if the communication between EAM and the … Read more

New VMware Fling – Autopology (Drag and Drop NSX Network Topologies? Yes Please!)

The VMware Fling labs is one of my favourite things, as it brings some awesome new tech straight from VMware R&D. Some of these flings flow to the product cycles (remember the HTML5 client, now default in vCenter?). And they did it again!

Ever since I’ve seen an internal session about this product, I’ve been anxiously waiting for it to be released (one way or another). Autopology just dropped on the Flings website. Autopology is a translator between your network drawings and the real-life configuration. It is a what-you-see-is-what-you-get editor where you can create drawings of a network topology and … Read more

VMware NSX 6.3 is here!

NSX 6.3 has just been made generally available and it’s a humongous one. The changes in this new version reflect a new maturation phase in which NSX is now in. Here are my top picks, for the entire list of changes go here.

Controller Disconnect Operation (CDO) Mode

The control plane and data plane in SDN are inherently separated from each other. The control plane can be shut down without affecting the data plane, at least, affecting it immediately. Once the control plane is down, no changes can be made and the data plane operators (in NSXs case, the … Read more

Using VMware NSX to get IPv6 connectivity at home

IPv6 is here and IPv4 is definitely running out of time. Here in the Netherlands, the consumer internet providers have been “working on it” for years. I’ve been lobbying for IPv6 connectivity for years, without much luck. After a time of experimenting with IPv6-over-IPv4 tunnels and Teredo, I basically gave up on those technologies due to various reasons; high latency, complexity & subnet reputation (a lot of shady stuff was going on those free IPv6 subnets).

Recently, I finalized my IPv6 implementation in my hosted environment (couple of websites, other apps/databases), which also contains a NSX testlab. Considering … Read more

© 2018 Lostdomain

Theme by Anders NorénUp ↑