NETWORKING

I’ve been holding off upgrading my lab to vSphere 6.5 because NSX 6.2.x doesn’t support it. With the release of NSX 6.3 and vSphere 6.5a, I can now upgrade. The sequence of the upgrade is slightly different to the generic one published by VMware because vSphere 6.5 isn’t supported with NSX 6.2. If follows that I need to upgrade NSX to 6.3 (which supports vSphere 6.0u2) before I can upgrade vSphere to 6.

Equal Cost Multipathing (ECMP), for the vSphere admin, is ability to create routes with an equal cost, which allows multiple paths to the same network to be created and traffic can be distributed over those paths. This is good for a couple of reasons - firstly is availability. If we were to lose a host, and an NSX Edge, the route will time out quicker than NSX Edge High Availability - thus providing higher availability for our network traffic.

Recently I was asked to develop some vRealize Orchestrator workflows against the F5 BIG-IP iControl REST API, but I was not able to test freely against a production appliance. After a lot of attempts to get in contact with F5 for a 90-day trial of the full version, or to purchase a lab license, I came up empty handed. The free version you can download from F5’s website is version 11.

Enter a name for the monitor, and leave the other parameters the same. Select the “Special Parameters” tab and configure the send string to the URL to monitor - e.g for the PSC SSO it’s going to be: GET /websso/HealthStatus For the receive string, enter the expected response (“GREEN”). Click Create. Assigning a NetScaler Monitor to a Service Assign the monitor to the PSC Services (or Service Groups) configured for PSC by opening the Configuration > Traffic Management > Load Balancing > Services page and selecting the PSC service for HTTPS/443 and clicking Edit.

vSphere 6 HA SSO (PSC) with NetScaler VPX Load Balancer for vRealize Automation Deploying vRealize Automation 6.2 Appliance Cluster with Postgres Replication Deploying fully distributed vRealize Automation IaaS components - Part 1: Pre-requisites Deploying fully distributed vRealize Automation IaaS components - Part 2: Database, Web and Manager services Deploying fully distributed vRealize Automation instance - Configuring NetScaler Monitors Providing a highly available single sign on for vRealize Automation is a fundamental part of ensuring the availability of the platform.

<img class=“alignright wp-image-5603 size-medium” src="/images/2015/02/cisco_SG300-20_1.png" alt=“Cisco SG300-20” width=“300” height=“180” of upgrading my lab switch, which is the excellent Cisco SG300-20, I’ve not had a chance to update the firmware since it was released 6 months ago because of the downtime. For some reason I prefer configuring the SG300 from the command line - a hangover from my old networking days I suppose, but somehow it doesn’t feel right to me to use the GUI!

I am aware that that’s not a catchy blog post title. In fact, it doesn’t even really describe the problem or solution very well - for that I need to go into a little bit more depth! Suppose I have configured a Reservation with two Networks ticked (“192.168.1.0-VLAN1” and “192.168.10.0-VLAN10”). As you can see in the screenshot below, each of the networks has a Network Profile created and assigned with a network pool to provide IP addressing for the VMs.

It is with great relief that I can announce I have passed my VCP NV (Network Virtualisation) having been caught out by the difficulty of the exam and failing previously. Exam Preparation I was fortunate to attend a VMware internal bootcamp (roughly equivalent to the ICM course) for NSX and have had experience deploying production NSX environments, so that is by far the best preparation. As always, the exam blueprint is crucial, you *have* to know all areas covered there.

The NSX Edge Gateway comes pre-armed with the ability to provide an SSL VPN for remote access into your network. This isn’t a new feature (SSL VPN was available in vCloud Networking and Security), but it’s worth a run through. I’m configuring remote access to my Lab, since it’s often useful to access it when on a client site, but traditional VPN connections are often blocked on corporate networks where HTTPS isn’t.

I recently got my hands on a copy* of Chris Wahl and Steve Pantol’s Networking for VMware Administrators and was very keen to read it – especially given the reputation of the authors. I came to the book as someone who is at CCNA level (although now expired) and someone who regularly designs complex VMware networks using standard and distributed switches. I would class myself as having a fairly decent understanding of networking, though not a networking specialist.