Syncing Flows between vRealize Network Insight Collectors

There are a few reasons you’d want to have multiple Network Insight instances collecting data from the same data sources. Maybe one is a staging instance, and the other is a production instance. Perhaps you’re rebuilding Network Insight on another instance (and can’t move the existing one), but do want to have them running parallel for some time. I could go on.

One of the challenges is being able to collect network flows in both instances, as vSphere can only send flows to a single collector IP. You could solve this with a NetFlow duplicator, but now there’s another … Read more

Roneo: A NetFlow Duplicator

Introducing a new project that I’ve been working on: Roneo the NetFlow Duplicator.

It is essentially a very simplistic and fast UDP traffic forwarder written in Python, that’s designed to forward NetFlow/sFlow traffic. You might know that I work with vRealize Network Insight a lot, which ingests NetFlow data. There are some limitations with NetFlow devices (vSphere Distributed Switch can only send to 1 collector, and there are some other devices that have the same limitation), making a duplicator necessary when the flows need to go to multiple systems.

Why something new?

I’ve written about sending NetFlow to multiple collectors … Read more

NetFlow on Physical switches with vRealize Network Insight

With the release of vRealize Network Insight 3.6, the flow analyser inside vRNI now supports external sources for NetFlow. This means you can perform micro segmentation planning on physical servers (before you migrate them to virtual) and create deep insight into what network traffic is going through your entire network (and not just limited to what’s happening in your virtual network).

Currently, NetFlow versions 5, 7, 9 and IPFIX are supported. Getting started with NetFlow in vRNI is pretty easy, but it is slightly more complicated than regular data sources.

Getting Started

I say it’s slightly more complicated, because … Read more

How to define two NetFlow targets in vSphere VDS

Sorry, you actually can’t configure two Netflow targets in vSphere. 😉

HOWEVER! There’s a way around this limitation. Currently, the VDS only supports one Netflow target IP address to send NetFlow to. This limitation can cause some issues when you want to employ multiple Netflow collectors, for instance an existing Network Management System (NMS) and do a vRealize Network Insight Assessment.

What is Netflow?

I’m not going to explain Netflow in depth, but just to set the stage here’s a small summary. Netflow is a protocol that allows you to collect information about what traffic flows are going through … Read more

© 2020 Lostdomain

Theme by Anders NorénUp ↑