• Using vRealize Log Insight to manage and review NSX Distributed Firewall rules

      The Distributed Firewall dashboards are definitely my favorite feature of vRLI. You can see the total number of firewall actions triggered, the top rule that is hit, audit events, top sources, top destinations, ports allowed or denied, and more. With all of this data, it’s possible to use vRLI to start creating your DFW rules because you will be able to see what VMs are communicating over specific ports. Near the end of this post, I will write a brief tutorial on how you can use the filter logic to determine DFW rules that need to be put in […]

    Read more »
  • Using vRealize Log Insight to Manage and Troubleshoot NSX

      I recently wrote a post on how to Deploy vRealize Log Insight with the NSX Content Pack. The post outlined the initial installation, redirection of NSX component logging to vRLI and and the installation of the NSX Content Pack.In this post, I wanted to show all of the cool features of the content pack, how to use it for day to day operations, and how to use it to troubleshoot NSX. Let’s start out with creating and managing dashboards.   Creating and Managing Dashboards Custom Dashboard   To create a custom dashboard, navigate to Interactive Analytics at the top. […]

    Read more »
  • Deploying vRealize Log Insight with NSX Content Pack

      For every NSX license you purchase, you also get an OSI license for vRealize Log Insight! With that said, I wanted to show everyone how to deploy vRLI and redirect your logs for NSX managers, edges, controllers and ESXi to vRLI. I will also show the configuration of the NSX content pack. If you haven’t heard of a content pack for vRLI, it is essentially a plugin that has pre-defined information about specific products using log analytics. The plugins are not limited to VMware products, you can define these plugins for Arista, HP, Cisco, Dell, Microsoft, Openstack, and much […]

    Read more »
  • NSX Home Lab Hardware Setup

    Hi Everyone, I know it has been a long time since I have posted (has it really been 6 months?!). I promise will do my best to post on a more regular basis, especially since I have good hardware to play around with now. A little update before we get started: I am loving my new role as a Systems Engineer for NSX at VMware and couldn’t be happier where I am at. Over the last 6 months I have had to transition from a deeply technical, daily grind position in tech support, to a more customer focused, business solution […]

    Read more »
  • Another Job Transition, here’s to the future!

    I have been super busy over the last few months which has kept me away from blogging and social media. For those who aren’t aware, I recently moved from an Escalation Engineer in support to a Systems Engineer for NSX. I couldn’t be more excited for this career move, and I couldn’t be more fortunate to be offered this opportunity. I truly believe SDN and NSX is the future of networking, and the last remaining piece of the SDDC stack. As everyone knows, my posts have already transitioned from vSphere and vCenter, to NSX, and I hope to continue that […]

    Read more »
  • NSX 6.2 Centralized CLI, VXLAN

      Continuing my posts on NSX Centralized CLI, I wanted to dive into VLXAN commands next. I have included all of the logical switch commands below that you can run from the NSX Manager shell. There are almost 25 in total and I wanted to touch on what I feel are the most useful commands.   show controller list all show logical-switch list all show logical-switch list vni host show logical-switch list host vni show logical-switch host verbose show logical-switch host config-by-vsm show logical-switch host statistics show logical-switch host vni verbose show logical-switch host vni mac show logical-switch host vni […]

    Read more »
  • NSX 6.2 Centralized CLI, Edge Services Gateway

      As discussed in a previous post, we have developed a centralized set of commands that can be run from the NSX manager instead of having to get a session into each NSX component. In this post I will focus on the Edge Services Gateway centralized commands; we have pushed out more than 60 total commands and I will list them here and go through what I feel are the most useful subsets. It’s important to remember that these commands are only going to provide you with information, rather than allow you to make changes. I know this is a […]

    Read more »
  • NSX 6.2 Communication Channel Health Check

      In NSX 6.2 we introduced a new feature to provide users with a way to check the communication channel between NSX Manager, the control plane agent (netcpa) and the firewall agent. If the channel is broken, the NSX manager will perform a sync operation to attempt to recover. The following communication channels are checked, along with their intervals below.   NSX Manager to Firewall agent – A heartbeat is sent every 3 minutes, if two iterations are lost a sync will occur NSX Manager to Control Plane Agent – A heartbeat is sent every 2 minutes, if two iterations […]

    Read more »
  • NSX controller deployment, deep dive, and connectivity verification

      I recently had a few customer’s run into some issues surrounding control plan connectivity. I wanted to compile a list of steps to verify that the control plane is in tact and doesn’t have any issues as well as provide useful commands to diagnose any issues. I wrote a previous post on how to Troubleshoot NSX Controller cluster status, roles, and connectivity, but I wanted to dive a little bit deeper this time.   Deployment   The first thing to mention, is again, that we recommend to deploy a total of three NSX controllers. NSX controllers store VM, ESXi, […]

    Read more »
  • NSX 6.2 Centralized CLI, Distributed Firewall

      In NSX 6.2 we have developed a centralized CLI to help troubleshoot DFW, Edge, VXLAN, and DLR issues. The majority of these commands are only to gather information rather than make changes, but it allows our users to the opportunity to login into a single machine rather than logging into a controller, an edge, the manager and a host. All of these CLI commands will be run from the NSX manager and these specific distributed firewall commands are replacing the vsipioctl commands that you would typically run on an ESXi host. Below is a list of all of the […]

    Read more »

Back to Top