Category : Certification

Written by Christopher Lewis on August 1, 2017 .

This is one of many posts that will form part of the VCAP6-NV Deploy Exam Guide .

When configuring Dynamic Routing within VMware NSX it is important to configure each NSX Edge, either Edge Service Gateway (ESG) or Distributed Logical Router (DLR), with a Router ID.

Configuring the Router ID

Note: These steps assume you are not even logged into vCenter Server. Skip the first few steps if you are!

Using your favourite web browser, navigate to the vCenter Server login page (https://vcenter.fqdn).

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on August 1, 2017 .

Skills and Abilities

Objective 5.1 - Backup and Restore Network Configurations

  • Schedule/Backup/Restore NSX Manager data
  • Export/Restore vSphere Distributed Switch configuration
  • Export/Import Service Composer profiles
  • Save/Export/Import/Load Distributed Firewall configurations

Objective Prerequisites

The following prerequisites are assumed for this Objective:

  • A working VMware vSphere 6.x environment.
  • A working VMware NSX 6.x environment.

Objective Breakdown

Schedule/Backup NSX Manager data

Using a browser, navigate to the VMware NSX Manager Virtual Appliance (https://nsx-manager.fqdn).

Enter admin as the User name and the Password (set during the installation above) then click Login.

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on July 31, 2017 .

This is one of many posts that will form part of the VCAP6-NV Deploy Exam Guide .

What is an Edge Service Gateway (ESG)?

An Edge Services Gateway is a virtual appliance that is responsible for both North/South traffic and various Edge services, including Load Balancing, NAT and DHCP.

In this example, we will create a new ESG with two interfaces, one to connect to the transit network (Internal) and one to connect to a vDS Portgroup (Uplink).

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on July 31, 2017 .

This is one of many posts that will form part of the VCAP6-NV Deploy Exam Guide .

What is a Distributed Logical Router (DLR) ?

A Distributed Logical Router (or Logical Distributed Router) is typically used to route East/West traffic between Logical Switches.

In this example, we will create a new DLR with two Internal interfaces to connect the App_Tier and Data_Tier Logical Switches. FInally we’ll add an Uplink interface to connect the DLR to a “transit” logical switch.

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on July 30, 2017 .

Skills and Abilities

Objective 2.2 - Configure and Manage Layer 2 Bridging

  • Add Layer 2 Bridging
  • Connect Layer 2 Bridging to the appropriate distributed virtual port group

Objective Prerequisites

The following prerequisites are assumed for this Objective:

  • A working VMware vSphere 6.x environment.
  • A working VMware NSX 6.x environment.

The following prerequisites are for Layer 2 Bridging.

  • An NSX logical router must be deployed in your environment.
  • You cannot use a universal logical router to configure bridging, and you cannot add a bridge to a universal logical switch.

Objective Breakdown

Add Layer 2 Bridging

Note: These steps assume you are not even logged into vCenter Server. Skip the first few steps if you are!

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on July 30, 2017 .

Skills and Abilities

Objective 5.2 - Monitor a VMware NSX Implementation

  • Configure logging for NSX components according to a deployment plan
  • Monitor health of networking services
  • Monitor health and status of infrastructure components:
    • vSphere
    • NSX Manager
    • Control Cluster
  • Enable data collection for single/multiple virtual machines

Objective Prerequisites

The following prerequisites are assumed for this Objective:

  • A working VMware vSphere 6.x environment.
  • A working VMware NSX 6.x environment.

Objective Breakdown

Configure logging for NSX components according to a deployment plan

For configuring SYSLOG for the NSX Manager, see HOWTO: Configure VMware NSX and VMware vRealize Log Insight – Part Two

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on July 30, 2017 .

Skills and Abilities

Objective 3.1 - Configure and Manage Logical Load Balancing

  • Configure the appropriate Load Balancer model for a given application topology.
  • Configure SSL off-loading.
  • Configure a service monitor to define health check parameters for a specific type of network traffic.
  • Optimize a server pool to manage and share backend servers.
  • Configure an application profile and rules.
  • Configure virtual servers.

Objective Prerequisites

The following prerequisites are assumed for this Objective:

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on July 30, 2017 .

Skills and Abilities

Objective 2.3 - Configure and Manage Routing

  • Deploy the appropriate NSX Edge (ESG/DLR) device according to a deployment plan.
  • Configure centralized and distributed routing.
  • Configure default gateway parameters.
  • Configure static routes.
  • Select and configure appropriate dynamic routing protocol according to a deployment plan:
    • OSPF
    • BGP
    • IS-IS
  • Configure route redistribution to support a multi-protocol environment.

Objective Prerequisites

The following prerequisites are assumed for this Objective:

  • A working VMware vSphere 6.x environment.
  • A working VMware NSX 6.x environment.

Objective Breakdown

Deploy the appropriate NSX Edge (ESG/DLR) device according to a deployment plan

A VMware NSX Edge Services Gateway (ESG) is deployed for North/South traffic and the additional services, such as NAT and Load Balancing. In most circumstances, a VMware NSX Distributed Logical Router (DLR) is deployed for East/West traffic. Although it is possible to configure a uplink to allow North/South traffic on a DLR.

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on July 30, 2017 .

Skills and Abilities

Objective 5.3 - Configure and Manage Role Based Access Control

  • Implement identity service support for Active Directory, NIS, and LDAP with Single Sign-On (SSO).
  • Manage User rights:
    • Assign roles to user accounts
    • Change a user role
    • Delete/disable/enable a user account

Objective Prerequisites

The following prerequisites are assumed for this Objective:

  • A working VMware vSphere 6.x environment.
  • A working VMware NSX 6.x environment.

Objective Breakdown

Implement identity service support for Active Directory, NIS, and LDAP with Single Sign-On (SSO)

Configuring SSO requires that NTP is configured correctly within the VMware NSX Manager. This is covered in HOWTO: Deploy and Configure the VMware NSX Manager Virtual Appliance - Part 2

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on July 30, 2017 .

Skills and Abilities

Objective 8.1 - Administer and Execute calls using the VMware NSX vSphere API

  • Construct and execute an API call using correct syntax and formatting
  • Programmatically configure system parameters including:
    • NSX controller syslog
    • Modify DLR declared dead time
  • Analyze, modify, and successfully retrieve configuration data using an existing API call.

Objective Prerequisites

The following prerequisites are assumed for this Objective:

  • A working VMware vSphere 6.x environment.
  • A working VMware NSX 6.x implementation.

Objective Breakdown

Construct and execute an API call using correct syntax and formatting

For API calls I tend to use Postman. I’m not sure how you can get the incorrect syntax when using the API guide from VMware. Within Postman, you choose the Request Type (i.e. GET, POST, DELETE, etc) and then enter the full URL of the API call.

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO