NSX IDENTITY FIREWALL – IDFW

Welcome back!

In this blog, we will discuss the NSX Identity Firewall, also referred to as IDFW, and implement one rule for it.

Below are the high-level points that we will discuss in this blog.

  • What is IDFW?
  • When to use IDFW?
  • How to enable it?
  • Write an IDFW rule.
  • Validation

Troubleshooting NSX DFW via Live packet capture on ESXi host

Background: Live packet capture plays an important role while troubleshooting the NSX distributed firewall. Recently I completed a micro-segmentation implementation in a brownfield environment, added all required flows for the applications, and made the default rule “DENY” at the end during a maintenance window.

One of the application owners reported that the “XYZ” application had stopped working; with live packet capture we got actual insight into the packet flow and service ports.

I thought I would document the usual commands and packet capture points for easy future reference. You may go through them below.


Independent Bridging – NSX-v to NSX-T In-Parallel Migration use case

Agenda

NSX-v to NSX-T workload migration using NSX Independent bridging option.

  • Different Available Migration Approaches – High level
  • Independent Bridging approach – In detail
  • Customer use-case discussion – Why Independent Bridging?
  • L2 Bridging Readiness
  • Validation & Testing


VMware NSX Federation – Part-6

Welcome Back!

In the previous blog we discussed the North-South packet walk for a network stretched across 2 different physical locations using NSX Federation.

Today, we are going to create a Global Policy and write a Deny rule under it.


VMware NSX Federation – Part-5

Welcome Back!

In the previous blog we discussed MAC learning and the East-West packet walk for a network stretched across 2 different physical locations using NSX Federation.

Today we are going to discuss the North-South packet walk and the decision factors that affect routing.


VMware NSX Federation – Part-4

Welcome Back!

In the previous blog we covered everything up to RTEP creation, which is needed for cross-site communication.

Today we will be creating a stretched segment across two physical sites & will examine the MAC learning of VMs situated at two different sites, as well as East-West packet flows between 2 VMs residing on two different sites.


VMware NSX Federation – Part-3

Welcome Back!

In previous blogs, we promoted Site-1 as Active and Site-2 as Standby. We also added the on-prem locations (Site-1/LM-1, Site-2/LM-2) to the Active GM.

Today we will discuss:

1. Importing local objects to Global Manager.

2. Remote Tunnel End-Points.


VMware NSX Federation – Part-1

Background – We are going to discuss NSX Federation (Part-1) today. Since Federation is a lengthy topic, I have decided to cover it in a series of multiple blogs.

We will start from the very basics and eventually discuss different design approaches and one of the use cases that I have experienced recently.

  • What is NSX Federation?
  • When and why should one use NSX Federation?
  • Key decision points to keep in mind before we design / deploy NSX Federation.
  • Global & local objects.