0

Site to Site IPSEC VPN between NSX Edge and Linux strongSwan

The following post will show how to configure a L3 VPN between VMware NSX Edge and a Linux box with strongSwan. L3 VPN with Pre-Shared Key (PSK) authentication The first example will show a L3 VPN configured with a Pre-Shared Key. The NSX Edge configuration is pretty simple. Open the Web Client and go to […]

0

Various SSL errors while using VMware Web Client or vClient

Many errors can occur while using a misconfigured client. Below you can find the errors I found. Opening console from Web Client   SSL verification failure for "vcenter1.example.com" due to a host thumbprint mismatch: stored thumbprint "8d:29:ae:69:87:e5:cc:a0:ff:01:51:25:84:8a:b4:d3:b5:a3:55:33" does not match certificate thumbprint "5B:E9:36:23:44:F0:4D:E5:6A:F3:7E:BC:4F:FE:9D:0D:93:64:03:E0". Opening console from vClient Unable to connect to the MKS: Login (username/password) incorrect. […]

0

VXLAN on VMware NSX: VTEP, proxy, Unicast/Multicast/Hybrid mode

Virtual Extensible LAN (VXLAN) is a network which help to build an overlay network and it’s the base of network virtualization. In simple words, VXLAN encapsulates Ethernet frames on a UDP routable packet. With VXLAN a single L2 segment can span L3 boundaries. Moreover VXLAN overcomes VLAN limits: 802.1q standard define a maximum of 4094 […]

0

Configuring a load balancer with VMware NSX

In the previous post a NAT has been configured to allow access from external networks:   Now the edge router will act as a load balancer too: connection to the edge router with destination port 2222 will be balanced on both internal VM using the port 22. Go to “Networking & Security -> NSX Edges”, […]

0

Configuring NAT and firewall on a NSX Edge Router

On a previous post the edge router has been connected to external network: In this post NAT and Firewall will be configured to allow SSH access to VM1 from external networks. Go to “Networking & Security -> NSX Edges”, double click on the edge router and follow “Manage -> NAT”. Add a DNAT role so […]

0

Connecting Edge Router to physical LAN using VMware NSX

On a previous post an Edge router has been deployed and configured with OSPF. Now the edge router must be connected to external networks: An uplink interface needs to be bound to a PortGroup not configured for NSX. In other words a PortGroup named 172.31.30./27 has been manually added to the same Distributed vSwitch used […]

0

Configuring OSPF between Logical and Edge routers on VMware NSX

On previous posts the following topology has been deployed: The next step is adding an Edge router which can manage external traffic. On a next post the Edge router will be bridged to a physical network. The expected topology will be the following: Open the Web Client and go to “Networking & Security ->Logical Switches” […]

0

Distributed routing on VMware NSX

On the previous post a NSX environment has been configured with three isolated logical switches. In this post a distributed router will be added to route packets between logical switches inside tenant 1. Open the Web client and go to “Networking & Security -> NES Edges” and add a new logical (distributed) router: Configure username, […]

0

VMware NSX: a short introduction and HOWTO install it

NSX is the SDN solution by VMware. NSX is  available as: NSX for vSphere (NSX-V) NSX Multi-Hypervisor (NSX-MH) NSX-MH is NSX for Multi Hypervisors (ESXi, KVM, Xen, Hyper-V). This post is focused on NSX-V. Acronyms DFW: Distributed FireWall DLR: Distributed Logical Router LIF: Logical InterFace UWA: User World Agent VDS: VSphere Distributed Switch VIB: VSphere Installation Bundle VNID: VXLAN […]

0

Switching is not working on VMware NSX

In this scenario we have three VMs deployed on a NSX vSwitch with VNI 5002. Two are running on the same hosts and they can ping each other, the other one is running on a separated host and cannot ping the other VMs. Check if at least one interface is configured for VXLAN: ~ # […]

0

No VMware NSX manager connected

If the VMware vSphere Web Client shows no connected NSX Manager, try to restart the NSX Manager service. The issue can happen if the vCenter is restarted or starts after the NSX Manager. Connect to the NSX Manager and in the summary view stop and restart the NSX Management Service : After a while the vCenter […]

0

Moving a powered off VM from CLI

In this short post we’ll see how to move a powered off VM from one host to another one using CLI commands. The first step is list the required VM: ~ # vim-cmd vmsvc/getallvms Vmid Name File Guest OS Version 4 vcenter1 [esx1_datastore] vcenter1/vcenter1.vmx windows7Server64Guest vmx-08 The VM ID is 4. Let’s check the power […]

0

Load balanced ESXi cluster with Host memory usage alarm

Sometimes a DRS enabled cluster could be in the following situation:   The cluster is balanced even if three hosts triggered the host memory usage alarm:   There is no recommendation, so the DRS is working. How can be three host with high memory usage? The answer is simple: the graph is showing consumed memory, […]

0

Automatic logon to vCenter using vMA/SDK for Perl

One of the most useful appliance for vSphere administration is a Linux based VM called vMA (vSphere Management Assistant ). It’s a simple SUSE Linux installation with the vSphere SDK for Perl installed. Both method will provide useful tools like esxcli, vmkfstools, vicfg-* and so on. Each command can read credentials as parameters: $ esxcli --server vcenter.example.com --username example\vsphereadmin […]

0

Integrating HP addons to VMware Update Manager

Honestly I don’t like customized ISO images for VMware ESXi. I prefer to know what software is installed and how to upgrade it. This short guide will show how to integrate HP addons for VMware in the Update Manager (VUM). Open the vClient -> Home -> Update Manager -> Download Settings -> Add Download source: Source […]

0

VMware Update Managet (VUM) fail after upgrade

Sometimes after a vSphere upgrade Update Manager (VUM) can fail with the following error: There was an error connecting VMware vSphere Update Manager – [vcenter.example.com:443]. Database temporarily unavailable or has network problems. The easiest way is to reconfigure the VUM using the VMwareUpdateManagerUtility.exe utility installed in the VMware Update Manager program path (usually C:Program Files (x86)VMwareInfrastructureUpdate Manager): […]

0

Deploying VMware vCenter Operations (vCOPS)

Deploying the VMware vCOPS appliance is an easy task with only one prerequisite: IP pool. An IP pool is IP pools provide a network identity to vApps. An IP pool is a network configuration that is assigned to a network used by a vApp. The vApp can then leverage vCenter Server to automatically provide an […]

0

Failed to deploy an OVA

Deploying an OVA to a VMware vSphere infrastructure can fail with the following error: Failed to deploy OVF package: The request was aborted: The request was cancelled. The OVA file can be damaged. Because an OVA file is a TAR, the archive can be tested using 7-Zip. Open the archive, use the verify function and see the […]

0

Troubleshooting an ESXi host using esxtop

THIS POST IS NOT COMPLETED YET The esxtop utility is probably the most useful utility to troubleshoot a high load on an ESXi host using a CLI. There are eight views: c (default): CPU, sorted by CPU USED by default. d: disk adapter i: interrupt m: memory, sorted by MEMSZ by default. n: network p: power […]

0

Verifying end-to-end QoS marking

A not so easy process about QoS involves the verification of end-to-end QoS marking: are the marks maintained through the all network? Before going deep, let’s recap how an IP packet can be marked: The IP field reserved for QoS is 8 bits long and it’s called TOS (Type of Service). RFC791 defines 3 bits for […]