Released – NSX-v 6.4.2 – What’s in it for Service Providers (Networking Enhancements)

The week before VMworld, VMware released version 6.4.2 (Build 9643711) of NSX-v. There is a lot of enhancements that Service Providers can take advantage of in this release. The focus seems to be on edge and distributed network services which translates to more power for service providers to create features upon while also meaning they can take advantage of the same enhancements to improve performance and efficiencies within their our virtualised network.

In terms of interoperability, for the moment the latest vSphere 6.7 and 6.5 U2 releases are supported, however vCloud Director is not support at all. Interestingly, only 6.4.0 is supported through the main vCloud Director installs presently installed on service provider platforms.

Networking and Edge Services:

  • Multicast Support: Adds ability to configure L3 IPv4 multicast on Distributed Logical Router and Edge Service Gateway through support of IGMPv2 and PIM Sparse Mode
  • Default Limit of MAC identifiers: Increases from 2048 to 4096
  • Hardware VTEP: Added multi PTEP cluster capability to facilitate environments with multiple vCenters

Security Services:

  • Context-Aware Firewall: Additional Layer 7 Application Context Support (EPIC, MSSQL, BLAST AppIDs)
  • Firewall Rule Hit Count: Monitor rule usage and easily identify unused rules for clean-up
  • Firewall Section Locking: Enables multiple security administrators to work concurrently on the firewall
  • NSX Application Rule Manager: Improved scale to 100 vNICs per session, further simplifying the process of creating security groups and whitelisting firewall rules for existing applications.

Operations and Troubleshooting:

  • Authentication & Authorization: Introduces 2 new roles (Network Engineer and Security Engineer). Adds ability to enable/disable basic authentication.
  • NSX Scale Dashboard: Provides visibility into 25 new metrics. Adds ability to edit usage warning thresholds and filter for objects exceeding limits.
  • NSX Controller Cluster Settings: Specify common settings (DNS, NTP, Syslog) to apply to NSX Controller Cluster
  • Support for VM Hardware version 11 for NSX components: For new installs of NSX 6.4.2, NSX appliances (Manager, Controller, Edge, Guest Introspection) are installed with VM HW version 11.

Also as promised, the improvements to the HTML5 NSX user interface continues. TraceFlow, User Domains, Audit Logs, Events & Tasks have been added to the HTML5 vSphere Client. The other pleasing thing to see is that comparatively speaking the number of resolved issues is much lower than previous releases. This points to the 6.4.x code being a lot more stable and bug free than previous iterations…which is pleasing to see.

There are some changes to consider as well in the 6.4.2 release. Starting with version 6.4.2, when you install NSX on hosts that have physical NICs with ixgbe drivers, Receive Side Scaling (RSS) is not enabled on the ixgbe drivers by default. You must enable RSS manually on the hosts before installing NSX. There is also a change to the API call to set Syslog against the controller. That said, it’s still worth looking through the Known Issues section in the release notes.

Those with the correct entitlements can download NSX-v 6.4.2 here.

References:

https://docs.vmware.com/en/VMware-NSX-for-vSphere/6.4/rn/releasenotes_nsx_vsphere_642.html

Leave a Reply