Over the past few years of working with NSX vSphere, one of the more frustrating things that would happen is that you would try to delete an object of some description (IP Set, Security Group, Service etc) and you would get the annoying message in the UI which says the […]
When operating NSX-v DFW at scale, the recommendation from VMware on memory/heap usage per host is to stick to a maximum of around 80% usage. But then this often raises the question of how to monitor the actual memory/heap the the DFW is consuming per host. As the NSX-v Distributed […]
I was recently asked by a customer who is running NSX vSphere (NSX-v) and Log Insight, is there a way they can export data from Log Insight that will give them the unique source/destination/protocol/destinationPort from the DFW logs for a given ruleId over a given time period. This exported data […]
Seeing as though I am always building different Ubuntu virtual machines to perform various python actions on (often on different customer sites), I find myself setting up the same things over and over again. My notes for this process are normally scattered between Notepad/TextEdit and Evernote, so its about time […]
In NSXv 6.2.2 and earlier, the format of the DFW logs has remained relatively the same for quite some time now. The following is a specific sample of the dfwpktlogs.log file from an NSXv 6.2.2 host. [root@host-192-168-111-11:~] tail -f /var/log/dfwpktlogs.log 2016-09-17T09:41:50.979Z INET match DROP domain-c46/1005 OUT 78 UDP 10.2.5.10/137->10.2.5.255/137 2016-09-17T09:41:50.979Z INET […]
Following on from my previous post in regards to getting the Central CLI API working after an upgrade to 6.2.3/6.2.4, it seems that a nice little enhancement has been made which should help verifying and troubleshooting DFW data plane issues. When looking at DFW filters and you wanted to view the contents […]
When working on a customer site recently I was made aware that their system to use the NSX Central CLI via the API had stopped functioning. The system had stopped working when the upgrade to NSX 6.2.3 happened. Click here for my previous post on how to use the Central […]
With the recent release of NSX vSphere 6.2.3 there were a couple of subtle updates to the Distributed Firewall UI that aren’t obvious at first glance. Rule ID now shown by default. The Rule ID is now shown in the Distributed Firewall UI by default. No need to continually enable […]
When starting out with the NSX-v API, you will quickly learn that there are times where you are required to reference an object, like when you want to add a member to a security group, you are required to know the object ID of the object you want to add as […]
Every now and then I get asked by a colleague or client if there is a known issue with the vSphere Web Client and the NSX Plugin that causes the screen to go black. My response is to ask them the following questions: Are you using Firefox as the browser? […]
