NSX-V vs NSX-T Layer 2 and Routing comparison !!

NSX-V vs NSX-T Layer 2 and Routing comparison of equivalent technologies:

Top KB Articles for VMware vSphere !!

                                        KB Articles for VMware vSphere

1. Investigating virtual machine file locks on ESXi
2. VMware support for open-vm-tools
3. Enhanced vMotion Compatibility (EVC) processor support
4. “503 Service Unavailable” error on the vSphere Web Client when logging in or accessing the vCenter Server
5. Stopping, Starting or Restarting VMware vCenter Server Appliance 6.x services
6. Excessive Hardware health alarms being triggered for “Sensor -1 type” on ESXi hosts running vSphere 6.7 U3
7. Troubleshooting an ESXi host in non responding state
8. Download URLs for VMware vSphere Client
9. Increasing the size of a virtual disk
10. “503 service unavailable” error when connecting to the vCenter Server using the vSphere Web Client 
11. How to Stop, Start or Restart vCenter Server 6.x Services
12. How to download and install vCenter Server root certificates to avoid Web Browser certificate warnings
13. Build numbers and versions of VMware vCenter Server
14. Setting the number of cores per CPU in a virtual machine
15. Windows Server 2019 guest operating system option is not available during virtual machine creation
16. “The operation failed for an undetermined reason” transferring files through vSphere Client
17. End of General Support for vSphere 6.0
18. Troubleshooting issues resulting from locked virtual disks
19. Correlating build numbers and versions of VMware products
20. How to reset the lost or forgotten root password in vCenter Server Appliance 6.5 & 6.7

Top KB Articles for VMware NSX !!

                                         KB Articles for VMware NSX

1. Supportability of 32-bit app SSL VPN-Plus Mac Client in NSX-v 6.4.6 and older versions
2. How to Reset a VeloCloud SD-WAN Edge?
3. Guest Introspection status reports “Warning: Guest Introspection service not ready”
4. “No NSX Managers available” error in the vSphere Web Client
5. TCP and UDP Ports required to access VMware vCenter Server, VMware ESXi and ESX hosts, and other network components
6. Tech Support Access in NSX for vSphere 6.x
7. Licensing NSX for vSphere 6.x
8. “Agent VIB module not installed” when installing EAM/VXLAN Agent using VUM
9. Guest Introspection VM disconnect on VDI infrastructure
10. vCenter Server or Platform Services Controller certificate validation error for external VMware Solutions in vSphere 6.0
11. “The pending transaction requires xxx MB free space” error when installing VIBs
12. Update sequence for vSphere 6.0 and its compatible VMware products
13. vCenter Server certificate validation error for external solutions in environments with Embedded Platform Services Controller
14. vCenter Server or Platform Services Controller certificate validation error messages for external solutions in environments with a External Platform Services Controller
15. NSX-T admin password expired
16. Collecting diagnostic information for VMware NSX for vSphere 6.x
17. After upgrading to NSX-v 6.4.0, you see the error: “Possible DHCP DOS attack seen on the host. Please refer to NSX Manager and VM Kernel logs for details.”
18. Product offerings for VMware NSX for vSphere 6.2.x, 6.3.x and 6.4.x
19. Build numbers and versions of VMware NSX for vSphere
20. Correlating build numbers and versions of VMware products

Top KB Articles for VMware vSAN Troubleshooting

                                  KB Articles for VMware vSAN Troubleshooting

1. How to manually remove and recreate a vSAN disk group using esxcli
2. vSAN proactive rebalance
3. vSAN Health Service – Cluster Health – vSAN Health Service up-do-date
4. Moving a vSAN cluster from one vCenter Server to another
5. How to add a host back to a vSAN cluster after an ESXi host rebuild
6. Virtual Machines running on VMware vSAN 6.6 and later report guest data consistency concerns following a disk extend operation
7. Best practices when using vSAN and non-vSAN disks with the same storage controller
8. Using Oracle RAC on a vSphere 6.x vSAN Datastore
9. How to use and interpret performance statistics collected using vSAN Observer
10. vSAN Health Service – vSAN HCL Health – vSAN HCL DB up-to-date
11. vSAN Performance Graphs in the vSphere Web Client
12. vSAN Health Service – Cluster health – vSAN disk balance
13. Changing the default repair delay time for a host failure in vSAN
14. Build numbers and versions of VMware vSAN
15. Shutting down and powering on a vSAN 6.x Cluster when vCenter Server is running on top of vSAN
16. Best practices on DELL EMC NetWorker 9.1, 9.2, & 18.1 VMware Integration
17. Understanding vSAN memory consumption in ESXi 6.0 U3, 6.5.0d, and later
18. A simultaneous reboot or shutdown of all hosts in the vSAN cluster may result in data unavailability after a single failure
19. FAQ: Support statement for 512e and 4K Native drives for VMware vSphere and vSAN
20. Thick-provisioned VMs on vSAN detected on vSAN-health check

Top KB articles for VMware Workspace One Troubleshooting

                     KB articles for VMware Workspace One Troubleshooting

1. RUGG-7701: Applications published through Product Provisioning fail to install after UEM upgrade to 20.01
2. How to Self Upgrade an On-Premise Environment
3. ESC-19126: Android devices using Intelligent Hub 19.06 cannot enroll if ‘Allowed IPs’ is enabled in the Workspace ONE UEM Console
4. Getting Started with the Workspace ONE End-User Adoption
5. SCCM Co-management disabled for Workspace ONE UEM in SCCM ConfigMgr 1902 Client Hotfix Rollup KB3400471
6. VMware Workspace ONE IP ranges for SaaS data centers
7. Configure Outlook App using Workspace ONE UEM
8. HW-111374: Support LDAP Signing and LDAP Channel Binding with VMware Workspace ONE Access, Identity Manager
9. How to Manage Team Members in the My Workspace ONE portal: Migrated Accounts
10.  2020 VMware Workspace ONE UEM Maintenance
11. [Resolved] AAPP-7936: Administrators are unable to Clear Device Passcode on iOS 13 & iPadOS 13
12. [Resolved] SINST-175459 – Workspace ONE UEM installer fails to execute if non-http/https bindings exist on IIS
13. How to access VMware Workspace ONE support
14. Workspace ONE UEM Console Lookup Values
15. Support LDAP Signing and LDAP Channel Binding with VMware Workspace ONE Unified Endpoint Management (UEM)
16. Workspace ONE operating system support guidance for Apple platforms
17. ARES-11510: Publishing Office 365 app for Android in the Workspace ONE Console may lead to removal of corresponding Office 365 app for iOS
18. Updating Certificates for Workspace ONE UEM Services
19. My Organization’s Requests are not accessible in the My Workspace ONE portal
20. [Resolved] UAG-5694: Workspace ONE UEM Edge Services fail to start with Unified Access Gateway versions 3.7 and 3.7.1/

Top KB Articles for VMware Horizon troubleshooting

                                 KB Articles for VMware Horizon troubleshooting

1. Provisioning VMware Horizon View desktops fails with error: View Composer Agent initialization error (16): Failed to activate software license
2. Forcing replication between ADAM databases
3. Load Balancing for VMware Horizon View
4. VMware View ports and network connectivity requirements
5. Troubleshooting Agent Unreachable status in VMware Horizon View
6. Connecting to the View ADAM Database
7. Generating a Horizon View SSL certificate request using the Microsoft Management Console (MMC) Certificates snap-in
8. Impact of 2020 LDAP channel binding and LDAP signing requirement for Microsoft Windows in Horizon Enterprise environments
9. The View virtual machine is not accessible and the View Administration console shows the virtual machine status as Already Used
10. Manually removing problem desktops and pools from Horizon
11. Removing invalid linked clone entries automatically using the ViewDBChk tool in VMware Horizon View 5.3 and later versions
12. Horizon View Desktops hanging on logoff preventing composer operations, or users from logging in
13. Entering and exiting maintenance mode for an ESXi host that has Horizon instant clones
14. Connecting to or checking out the virtual desktop fails with the error: This desktop currently has no desktop sources available or This desktop cannot be checked out 
15. Windows 10 1809 VDI may become “Agent Unreachable” state if the High Precision Event Timer (HPET) is disabled
16. Installing the VMware View Client fails with the error: Setup cannot continue. The Microsoft Runtime DLL installer failed to complete installation
17. Troubleshooting connectivity issues between the agent, client, and connection server in VMware Virtual Desktop Manager
18. Connecting to Connection Server from View Client fails with the error: Couldn’t resolve host name
19. Supported versions of Windows 10 on Horizon Agent Including All VDI Clones (Full Clones, Instant Clones, and Linked Clones on Horizon 7)
20. Supported Guest Operating Systems for Horizon Agent, Remote Experience, and Persona Management

Top KB Articles for vRealize Operations Manager Troubleshooting

                   KB Articles for vRealize Operations Manager Troubleshooting

1. Shutdown and Startup sequence for a vRealize Operations Manager cluster
2. How to reset the admin password in vRealize Operations Manager
3. Configure a Certificate For Use With vRealize Operations Manager 6.x and later
4. How to reset the root password in vRealize Operations Manager
5. Change the IP Address of a vRealize Operations Manager 6.x or later Single Node Deployment
6. How to change a node hostname in vRealize Operations Manager
7. Safely cleaning up log files in vRealize Operations 6.x and later
8. Rebooting nodes in vRealize Operations Manager 6.x and later
9. Upgrade to vRealize Operations Manager 8.0 fails due to low space on /dev/sdc
10. Collecting diagnostic information from vRealize Operations Manager 6.x and later
11. Upgrade to vRealize Operations Manager 8.x fails due to low space on /dev/sda
12. Adding additional storage to a node in vRealize Operations Manager 6.x and later
13. Using the Upgrade Assessment Tool for vRealize Operations Manager 8.0.x
14. VMware Tools and Service Discovery in vRealize Operations Manager 8.0
15. Upgrade to vRealize Operations Manager 8.0 fails due to the admin or root account password
16. Reload the default certificate in vRealize Operations Manager 6.x and later
17. Clearing the Alerts and Alarms Tables in vRealize Operations Manager
18. vRealize Operations Manager Sizing Guidelines
19. Replace expired internal certificate in vRealize Operations Manager 6.3 and later
20. /storage/log is full on vRealize Operations Manager 6.x or later

Top KB articles for vRealize Automation troubleshooting

                         Top 20 KB articles for vRealize Automation troubleshooting.

1. How to reset or recover the root password on a VMware vRealize 7.x appliance
2. Virtual machine reconfigure request hangs in “Reconfiguring” state indefinitely in vRealize Automation
3.  Browser does not fully support self-signed certificated based access to vami console
4.  Cumulative Update for vRealize Automation 7.6
5.  Deployment of vRealize Automation 8.0 from Lifecycle Manger fails with the error code: LCMVRAVACONFIG590003
6.  How to remove a vRealize Automation appliance from a cluster
7.  Log locations for VMware vRealize Automation 7.x
8.  Error “Unable to authenticate user. Please try again” when logging into a Virtual Appliance Management Interface (VAMI)
9.  Troubleshooting guest agents in VMware vRealize Automation
10.  Increasing the memory allocated to a vRealize Orchestrator instance
11.  Build numbers and versions of VMware vRealize Automation
12.  Certificate troubleshooting, supportability, and trust requirements for vRealize Automation
13.  “HTTP error 404” error when accessing vRealize Orchestrator control center page
14.  New installs of vRealize Orchestrator 8.x fail to install due to a POD STATUS of ‘CrashLoopBackOff’
15.  Cumulative Update for vRealize Automation 7.4
16.  vRealize Automation upgrade fails due to duplicates in the vRealize Orchestrator database
17.  Cumulative Update for vRealize Automation 8.0.1
18.  vRealize Automation appliance runs out of disk space
19.  “Failed with error : Error ! An error occurred while retrieving the Single Sign-On token from; https://vCenter/lookupservice/sdk” error during vSphere Authentication configuration
20.  Removing a virtual machine from vRealize Automation 7.x using Cloud Client

Overview of VMware Edge Services Gateway (ESG) and Distributed Logical Router (DLR)

                          VMware ESG vs DLR

ESG

DLR

-        It’s always a VM. -        We use ESG for North-South. It means, going outside from datacenter towards the external network or internet. -        If you have logical switches in different transport zone, then you can use ESG. -        ESG is for different transport zone, but DLR is for same transport zone. -        It supports dynamic routing as well as static routing. -        It supports OSPF and BGP. -        It supports both the routing protocol at the same time. -        It is for centralized routing. -        Since it is a VM, so it can have maximum of 10 interfaces. -        On one interface, we can have maximum 200 sub-interfaces which will be connected as trunk interface. -        ESG has internal interface which connects with South. Means, it connects to DLR. (Transit Network). -        Physical router will be Uplink interface.

-        It’s a kernel module. -        It splits in to two components. DLR DLR Control VM -        Name of DLR kernel module is nsx-vdrb. It exists on each ESXi hosts. -        We use DLR for East-West routing. Means, routing within your datacenter. -        Benefits of using DLR: - -        If we remove DLR, so where we have router? We have router on each ESXi host. -        DLR only do routing if logical switches are in same transport zone. -        When we deploy DLR, it activates on those ESXi host which participate in that transport zone. -        It supports dynamic routing as well as static routing. -        It supports OSPF or BGP. -        It doesn’t support both routing protocol at the same time. -        It is distributed routing. -        It has two interfaces as Internal and Uplink. And third uplink is related to management. Total 1000 interfaces. -        Internal Interface -        It connects towards the south. With Logical switches. -        Maximum it can have 991 interfaces. -        Uplink Interface -        It connects with either physical router or ESG. -        Maximum it can have 8 uplinks -        Management Interface -        Number of interfaces is 1 -        Total 10000 interface can be on single host. -        When we talk about cloud then we give one DLR to each tenant. Where they can create logical switches and connect to DLR. -        Maximum 250 DLR can be on single ESXi host.

VMware NSX Overview

                                                VMware NSX Introduction

IT organizations have gained significant benefits as a direct result of server virtualization. Server consolidation reduced physical complexity, increased operational efficiency and the ability to dynamically repurpose underlying resources to quickly and optimally meet the needs of increasingly dynamic business applications.

VMware’s Software Defined Data Center (SDDC) architecture is now extending virtualization technologies across the entire physical data center infrastructure. NSX for vSphere is a key product in the SDDC architecture. With NSX for vSphere, virtualization delivers for networking what it has already delivered for compute and storage. In much the same way that server virtualization programmatically creates, snapshots, deletes, and restores software-based virtual machines (VMs), NSX for vSphere network virtualization programmatically creates, snapshots, deletes, and restores software-based virtual networks. The result is a transformative approach to networking that not only enables data center managers to achieve orders of magnitude better agility and economics, but also allows for a vastly simplified operational model for the underlying physical network. With the ability to be deployed on any IP network, including both existing traditional networking models and next-generation fabric architectures from any vendor, NSX for vSphere is a non-disruptive solution. In fact, with NSX for vSphere, the physical network infrastructure you already have is all you need to deploy a software-defined data center.

NSX Components

NSX can be configured through the vSphere Web Client, a command line interface (CLI), and REST API.

Interaction between NSX components.

NSX Manager

The NSX Manager is the centralized network management component of NSX, and is installed as a virtual appliance on any ESXTM host in your vCenter Server environment. It provides an aggregated system view. One NSX Manager Maps to a single vCenter Server environment and multiple NSX Edge, vShield Endpoint, and NSX Data Security instances.

NSX vSwitch

NSX vSwitch is the software that operates in server hypervisors to form a software abstraction layer between servers and the physical network. As the demands on datacenters continue to grow and accelerate, requirements related to speed and access to the data itself continue to grow as well. In most infrastructures, virtual machine access and mobility usually depend on physical networking infrastructure and the physical networking environments they reside in. This can force virtual workloads into less than ideal environments due to potential layer 2 or layer 3 boundaries, such as being tied to specific VLANs. NSX vSwitch allows you to place these virtual workloads on any available infrastructure in the datacenter regardless of the underlying physical network infrastructure. This not only allows increased flexibility and mobility, but increased availability and resilience.

NSX Controller

NSX controller is an advanced distributed state management system that controls virtual networks and overlay transport tunnels. NSX controller is the central control point for all logical switches within a network and maintains information of all virtual machines, hosts, logical switches, and VXLANs. The controller supports two new logical switch control plane modes, Unicast and Hybrid. These modes decouple NSX from the physical network. VXLANs no longer require the physical network to support multicast in order to handle the Broadcast, Unknown unicast, and Multicast (BUM) traffic within a logical switch. The unicast mode replicates all the BUM traffic locally on the host and requires no physical network configuration. In the hybrid mode, some of the BUM traffic replication is offloaded to the first hop physical switch to achieve better performance.

NSX Edge

NSX Edge provides network edge security and gateway services to isolate a virtualized network. You can install an NSX Edge either as a logical (distributed) router or as a services gateway. The NSX Edge logical (distributed) router provides East-West distributed routing with tenant IP address space and data path isolation. Virtual machines or workloads that reside on the same host on different subnets can communicate with one another without having to traverse a traditional routing interface.
The NSX Edge gateway connects isolated, stub networks to shared (uplink) networks by providing common gateway services such as DHCP, VPN, NAT, dynamic routing, and Load Balancing. Common deployments of NSX Edge include in the DMZ, VPN Extranets, and multi-tenant Cloud environments where the NSX Edge creates virtual boundaries for each tenant.

NSX Edge Services

Dynamic Routing: Provides the necessary forwarding information between layer 2 broadcast domains, thereby allowing you to decrease layer 2 broadcast domains   and improve network efficiency and scale. NSX extends this intelligence to where the workloads reside for doing East-West routing. This allows more direct virtual machine to virtual machine communication without the costly or timely need to extend hops. At the same time, NSX also provides North-South connectivity, thereby enabling tenants to access public networks.

Firewall: Supported rules include IP 5-tuple configuration with IP and port ranges for stateful inspection for all protocols.

Network Address Translation: Separate controls for Source and Destination IP addresses, as well as port translation.

Dynamic Host Configuration Protocol ((DHCP): Configuration of IP pools, gateways, DNS servers, and search domains.

Site-to-Site Virtual Private Network (VPN): Uses standardized IPsec protocol settings to interoperate with all major VPN vendors.

L2 VPN: Provides the ability to stretch your L2 network.

SSL VPN-Plus: SSL VPN-Plus enables remote users to connect securely to private networks behind a NSX Edge gateway.

Load Balancing: Simple and dynamically configurable virtual IP addresses and server groups.

High Availability: High availability ensures an active NSX Edge on the network in case the primary NSX Edge virtual machine is unavailable.
NSX Edge supports syslog export for all services to remote servers.

Distributed Firewall

NSX Distributed Firewall is a hypervisor kernel-embedded firewall that provides visibility and control for virtualized workloads and networks. You can create access control policies based on VMware vCenter objects like datacenters and clusters, virtual machine names and tags, network constructs such as IP/VLAN/VXLAN addresses, as well as user group identity from Active Directory. Consistent access control policy is now enforced when a virtual machine gets vMotioned across physical hosts without the need to rewrite firewall rules. Since Distributed Firewall is hypervisor-embedded, it delivers close to line rate throughput to enable higher workload consolidation on physical servers. The distributed nature of the firewall provides a scale-out architecture that automatically extends firewall capacity when additional hosts are added to a datacenter.

vRB not getting registered with vRA 7.6 version, error "Invalid data format"

                                  Not able to register vRB with vRA 7.6 version

During my upgrade of vRB, i had encountered with vRB registration with vRA.
This is known issue as of now with vRB and VMware is aware as well. there is a fix for this.
Getting error "Invalid data format" while registering with vRA.

1. SSH to vRB appliance and go to "/usr/local/tomcat/shared-lib"
2. check if any .jar files exist there or not. In my case, there was no .jar files located under this directory.
3. I got shared lib .jar files from VMware for vRB 7.6 version.
4. Once got the .jar files from VMware, follows below steps. If you need vRB 7.6 versions .jar files, comment me on this post, i will provide that.
5.***** Take a snapshot of the vRBC appliance again *****

i. SSH to vRB appliance and run command "monit stop all"
ii. Put all the jar files to "/usr/local/tomcat/shared-lib/"
iii. Run command "monit start all"
iv. Re-Register the vRB appliance with vRA.

This time vRB will get register with vRA without any issues.