In a few scenarios, NSX Managers require DNS to be configured so that the Manager can perform DNS lookups. This is important to know so that you can configure your DNS server before you deploy the NSX Manager.
NSX requires forward and reverse DNS entries for any of the following scenarios:
- Starting with NSX 4.1 and later versions, in a dual stack environment (that is, both IPv4 and IPv6 have been configured).
- Use cases where
"publish_fqdns": true
. - NSX Manager that uses CA-signed certificates.
- NSX Manager with Multisite deployments. (It is optional for all other deployment types.) See Multisite Deployment of NSX in the NSX Administration Guide.
Note: If you did not provide a fully-qualified hostname (FQDN) while deploying NSX Manager in a dual stack environment, then you may be required to replace the REST API certificates because they may not have generated correctly during first boot. You will notice this problem if your browser does not trust the NSX Manager certificate in which case the browser will ask you if you want to ignore the problem. You can either continue to ignore the problem or replace the Manager's REST API certificate.
To ensure a valid FQDN is configured for both the IPv4 and IPv6 addresses used to deploy the NSX Manager and that both address types point to the same FQDN, use the following workflow.
Prerequisites
Understand the scenarios in which you plan to use the NSX Manager. To avoid any problems, ensure you always configure the NSX Manager hostname to be fully qualified. If the NSX Manager hostname is always fully qualified, then the initial certficates will be generated correctly and will match the DNS server records. If any of the following scenarios are present that require NSX to use forward and reverse DNS entries and you have already deployed NSX, make sure you complete step one in the following procedure.
Procedure
What to do next
Run get hostname CLI to confirm if FQDN is set.