Before beginning the upgrade, it is important to test the vCloud Networking and Security working state. Otherwise, you will not be able to determine if any post-upgrade issues were caused by the upgrade process or if they preexisted the upgrade process.

About this task

Do not assume everything is working before you start to upgrade the vCloud Networking and Security infrastructure. Make sure to check it first.

You can use the following procedure as a pre-upgrade checklist.

Procedure

  1. Identify administrative user IDs and passwords.
  2. Verify that forward and reverse name resolution is working for all components.
  3. Verify you can log in to all vSphere and vShield components.
  4. Note the current versions of vShield Manager, vCenter Server, ESXi and vShield Edges.
  5. Verify that VXLAN segments are functional.

    Make sure to set the packet size correctly and include the don't fragment bit.

    • Ping between two VMs that are on same virtual wire but on two different hosts.

      • From a Windows VM: ping -l 1472 –f <dest VM>

      • From a Linux VM: ping -s 1472 –M do <dest VM>

    • Ping between two hosts' VTEP interfaces.

      • ping ++netstack=vxlan -d -s 1572 <dest VTEP IP>

        Note:

        To get a host's VTEP IP, look up the vmknicPG IP address on the host's Manage > Networking > Virtual Switches page.

  6. Validate North-South connectivity by pinging out from a VM.
  7. Record BGP and OSPF states on the NSX Edge devices.
  8. Visually inspect the vShield environment to make sure all status indicators are green, normal, or deployed.
  9. Verify that syslog is configured.
  10. If possible, in the pre-upgrade environment, create some new components and test their functionality.
  11. Validate netcpad and vsfwd user-world agent (UWA) connections.
    • On an ESXi host, run esxcli network vswitch dvs vmware vxlan network list --vds-name=<VDS_name> and check the controller connection state.

    • On vShield Manager, run the show tech-support save session command, and search for "5671" to ensure that all hosts are connected to vShield Manager.

  12. (Optional) : If you have a test environment, test the upgrade and post-upgrade functionality before upgrading a production environment.