NSX DFW Enable TCP Strict Today, I finally had some time to dive a bit deeper into the 6.4.0 release of NSX for vSphere. When I was configuring the Distributed Firewall, I noticed a setting called ‘Enable TCP Strict” which I didn’t immediately recognize. After some investigation, it became clear that this setting strengthens the ...
Common load balancing topologies Sometimes you stumble across something so obvious that you cannot believe you missed it. I had such a moment today. I have been discussing load balancing topologies with one of my customers in the last few days and in each discussion we stayed exactly within the predefined color lines: a one-arm ...
Traffic analysis for a NSX micro-segmentation design using Syslog In a recent project I had to setup micro-segmentation using the Distributed Firewall (DFW) of VMware NSX in a greenfield environment. The approach I choose was to design and configure the DFW rule base using the Service Composer and all the information could gathered within the ...
Using the NSX API as a consumption layer VMware’s Software Defined Networking (SDN) solution NSX is architecturally separated in different planes: the management plane, the control plane and the data plane. Right at the top of these three planes sits the consumption layer of NSX. This can be the vSphere Client GUI, a Cloud Management solution ...
NSX and vCloud Director lab problems I had to do some NSX troubleshooting on a lab environment running vCloud Director and NSX yesterday with a colleague. Apparently something broke in our lab during an NSX upgrade and the quick ad dirty decision was made to just reinstall NSX. As it turns out, the hosts were not ...
VCIX-NV Certified! It’s official. VMware’s Certificate Manager is showing my newly acquired VCIX-NV certificate. Phew … this was a pretty heavy exam. One of the first things you do nowadays when embarking on a study adventure for a hefty certification like VCIX-NV – after reading the official blueprint several times – is read up on (unofficial) study guides and ...
Here’s a topic I did not think I would ever blog about: OSPF. I kind of mentally blocked out most specific details about all dynamic routing protocols after completing the Cisco CCNP Routing exam many, many years ago. Now I am studying for VCIX-NV and al of I sudden I find myself studying Not So Stubby ...
