Lostdomain

Contact

Submit
Show menu Hide menu

Tagnsx

VMware NSX 6.3 is here!

February 2, 2017 / / 0 Comments

NSX 6.3 has just been made generally available and it’s a humongous one. The changes in this new version reflect a new maturation phase in which NSX is now in. Here are my top picks, for the entire list of changes go here.

Controller Disconnect Operation (CDO) Mode

The control plane and data plane in SDN are inherently separated from each other. The control plane can be shut down without affecting the data plane, at least, affecting it immediately. Once the control plane is down, no changes can be made and the data plane operators (in NSXs case, the … Read more

Using VMware NSX to get IPv6 connectivity at home

December 18, 2016 / / 0 Comments

IPv6 is here and IPv4 is definitely running out of time. Here in the Netherlands, the consumer internet providers have been “working on it” for years. I’ve been lobbying for IPv6 connectivity for years, without much luck. After a time of experimenting with IPv6-over-IPv4 tunnels and Teredo, I basically gave up on those technologies due to various reasons; high latency, complexity & subnet reputation (a lot of shady stuff was going on those free IPv6 subnets).

Recently, I finalized my IPv6 implementation in my hosted environment (couple of websites, other apps/databases), which also contains a NSX testlab. Considering … Read more

Connecting a VPN between AWS and VMware NSX

November 8, 2016 / / 2 Comments

Amazon Web Services has a few ways of giving you connectivity: internet, Direct Connect (a physical line) and VPN. While AWS has a ton of examples for firewall/VPN vendors, there is none for connecting with NSX. I needed to connect a NSX network with AWS for a proof of concept and had to figure out how to configure AWS and what settings to use on the NSX Edge VPN. Behold, the fruits of my labor!

aws-nsx-vpn-topology

This is what we are going to be building in this post. Compute resources inside AWS connected with a VPN towards VMware NSX for corporate … Read more

NSX SpoofGuard Automatic Approvals through your IPAM

October 4, 2016 / / 0 Comments

VMware NSX provides a (heavily underestimated) SpoofGuard functionality, which prevents virtual machines to use IP addresses that are not approved by the network engineers. It guards for, guess what, IP spoofs. Virtual machines will not be able to change their IP addresses without administrative approval, which prevents issues with unauthorized changes or duplicate IPs.

SpoofGuard in NSX

SpoofGuard can operate in 3 modes:

– Approve everything (the default);
– Automatically approve first detected IP, manual approve changes;
– Manually approve all first detected IPs and changes.

While having control of the IP address changes in the virtual network is pretty … Read more

VMware NSX 6.2.3 – SSL VPN Behaviour Change

July 11, 2016 / / 0 Comments

NSX 6.2.3 was released a few weeks ago and brought a bunch of new stuff and fixes. I came across an undocumented change not mentioned in the release notes, which caused me some head ache, this post describes that change.

The NSX Edge Services Gateway can provide you with a SSL-VPN solution, making it possible for road-warriors to connect to the secured virtual network or make it possible for developers to connect to duplicate development environments. The SSL-VPN client is a lightweight and easy to use VPN client and you can set all kinds of policies as the VPN … Read more

Removing the VMware NSX Solution from vCenter

July 5, 2016 / / 0 Comments

If you want to remove VMware NSX from your vSphere environment, it’s as simple as reversing the installation steps (remove logical network configuration, remove NSX Service VMs, remove the NSX VIBs from the ESXi hosts and remove the NSX Manager). NSX is completely managed through the vSphere Web Client connecting to your vCenter. After you have reversed the installation steps, you are left with the NSX solution inside the vSphere Web Client.

vmguru-vsphere-web-client-nsx

Removing the NSX Solution from vCenter

Inside vCenter there’s the Managed Object Browser (MOB), which has access to all objects in the vCenter system and you can … Read more

VMware NSX 6.2.3 released

June 10, 2016 / / 0 Comments

VMware NSX 6.2.3 was released today and it’s a good one! There’s a lot of improvements and some new stuff in there, it’s a hell of a maturing release. Below are a few highlights.

NSX for vShield Endpoint license

There’s a default license generated when you install NSX now, and it defaults on the NSX for vShield Endpoint license. This means you can by default (and without cost) manage anti-virus offloading functionality. This is one step closer to a vShield replacement and an open download.

NSX Hardware Layer 2 Gateway Integration

This has been in the works for a while … Read more

Older posts Newer posts

© 2024 Lostdomain

Theme by Anders NorénUp ↑