#acl merlyn:read,write All:read <> = NSX Training Day 1 = == Class Files == http://tinyurl.com/z8eg7uu http://tinyurl.com/hzb5bmp = lab information = i. vCenter 172.20.10.94 == infrastructure == == Defining a System Problem == Problems can arise from numerous sources, which include: i. Configuration issues i. Resource contention i. Network attacks i. Software bugs i. Hardware failures i. Poor or untested designs == Troubshooting Process == === Defining the problems === i. Identifying symptoms i. Gathering information i. Identify recent Changes === Identifying the cause of the problem === i. Identify possible causes i. Determining the root cause i. Test possible causes of the problem === Implementing the resolution === i. Identify possible solutions i. Implementing the best solution i. Verify the resolution i. Document the resolution === Separation Of Transport and Services === i. Test physical connectivity between the hosts 'Virtual Tunneling EndPoints(VTEPs)' i. Ensure that is an adequately MTU end-to-end. (MTU minimum size is 1550 in NSX environment) i. Ensure that the proper VXLAN port is configured for use. i. Ensure that no Firewall is disallowing VXLAN communications Service Separation Routing, Firmwalling, SLB, NAT, DNS, DHCP, VPNs, Deep Packet Inspection... Page 12 Twelve === Determining NSX Services Involved === i. NSX Manager Configuration missing on an NSX endpoint or device may indicate a management communication failure. Or use of NSX Manager for Identify Firewall and failure to properly log in or disallow a login may indicate.( Misconfiguration in Security Policy, Communication failure in accessing LDAP services from AD) i. Control Plane Dependencies Control Plane Method (Unicast, Hybrid, Multicast) i. Security Services employed DFW i. Advanced Services Of Edge Services Gateway. {{{ Load Balancing settings of failures VPN(IPSec, L2VPN tunnels)communications links ESG routing or firewall services ETC.. }}} === Troubshoot the NSX Logical Switching === i. Ensure proper functioning of NSX Managerment and Control Plane communication. i. For Logical Switching Communication, begin checking the following == Troubshoot NSX Logical Routing Overview == If VXLAN communication involves logical routing and logical switching elements and the infrastructure services have been checked. i. For VXLAN to VXLAN endpoint communication i. For VXLAN to VLAN endpoint communication involving Edge Service Gateway == NSX for vSphere Infrastructure Preparation Steps == I. Deploy NSX Manager Deplay the NSX Manager Open Virtualization Appliance(OVA) file I. Register with vCenter Server One-to-one relationship NSX MGR - vCenter I. Deploy Controllers Deploy controller appliances Configure IP pool settings I. Prepare Hosts {{{ Install VIBs for VXLAN, DFW, DLR on all hosts in cluster Configures RMQ based messaging infrastructure Enable firewall }}} == NSX-v Preparation Steps - Connect NSX Manager to vCenter == i. show running config i. show arp/ip route i. show manager log follow i. mgr# debug packet display interface mgmt port 443 i. ESXi_host# esxcli network ip connnection list | grep 5471 i. ESXi_host# esxcfg-advcfg -g /UserVars/RmqIpAddress i. ESXi_host# esxcli network ip connnection list | grep 1234 == NSX-v Preparation Steps - Deploy NSX Controllers == == Important Port Numbers == i. VXLAN UDP port number used is 8372. i. Port 80 to be open from NSX Manager to the hosts.