NSX Bytes: NSX-v 6.2.2 Released

03/08/2016 / Anthony Spiteri

Last week VMware released version 6.2.2 of NSX-v. The 6.2.2 release is mainly aimed at patching a security hole in the glibc libraries as well as removing a constraint with the DHCP Pool setup allowing .local domains in the config and improving the user experience when configuring the Distributed Firewall. Once following the standard NSX Upgrade Process you will see NSX Manager build 6.2.2.3604087 and as shown below the NSX Controllers will be at build 6.2.46427

In terms of the Distributed Firewall UI changes I couldn’t spot any drastic changed except for some consistency changes with the Rule Name and Action option.

I’ve gone through the list of resolved issues and pulled out the list of fixes that impact my day to day with NSX-v the most. The ones in Red being of extra significance.

Security patch to address the glibc vulnerability, CVE-2015-7547
The 6.2.2 release delivers a security patch to address CVE-2015-7547.
Rules not pushed to host
DFW rule/ip list updates failed to be scheduled due to task framework resource limitations in NSX Manager. Error message showed a failure to queue tasks for Change Notification threads.
Traffic interrupted for 50 seconds after HA failover on ESG
This issue was caused when NSX failed to synchronize the static routes among the HA NSX Edge nodes.
NSX load balancer IP_HASH health check issue
In IPVS, when using the source-ip hash algorithm, if the selected backend server’s weight equals 0, a “service unavailable” reply is sent even if there are healthy backend servers.
Packet sent to LIF without DHCP relay results in PSOD
The ESXi host suffers a PSOD if a DHCP unicast packet is addressed to the IP of a LIF that is expected to have DHCP relay enabled but the actual receiving LIF does not have DHCP relay enabled.
DFW Publishing error
Modifying and saving DFW rules in filtered mode may result in rules not being saved and published.

Still a fairly long list of Known Issues so make sure you are aware of what is still problematic in the product to ensure you are not impacted…even with that great to see so much work going into making NSX-v even an even more reliable and stable platform.

References:

https://pubs.vmware.com/Release_Notes/en/nsx/6.2.2/releasenotes_nsx_vsphere_622.html

NSX

Quick Post: Web Client vs VI Client Permissions with VCSA

About the Author - Anthony Spiteri

Regional CTO APJ, Veeam Product Strategy & Lead Cloud and Service Provider Technologist Anthony works in Product Strategy and the Office of the CTO at Veeam. Anthony focuses on Veeam’s Cloud and Service Provider technologies and partners along with automation, IaC and modern application platforms. Anthony previously held architectural lead roles at some of Australia's leading Cloud providers. At Veeam, he is responsible for generating content, evangelism, collecting product feedback, presenting at major events and engaging with Analyst and Media as an official Veeam spokesperson. With a Master’s Degree in Network and System Administration (Distinction) from Charles Sturt, he can be found blogging at https://anthonyspiteri.net or hosting the Great Things with Great Tech Podcast at https://gtwgt.com

VIRTUALIZATION IS LIFE!