Last Updated on: 23 OCTOBER 2018
vRealize Network Insight 3.9 | 20 SEPTEMBER 2018 | Build 1536339775
Check regularly for additions and updates to these release notes.
Alert! Apply the pre-patch before you upgrade to vRealize Network Insight 3.9 from the 3.7 or 3.8 versions. For more information, see https://kb.vmware.com/s/article/59443.
The release notes cover the following topics:
Here are the key features and capabilities of vRealize Network Insight 3.9:
NSX-T Support Enhancements
- Support for NSX Distributed Firewall (DFW) generated IPFIX flows and firewall rule recommendations to the micro-segmentation applications.
- Support for VM-VM path and VM underlay path for VMs for the VMs managed by NSX-T.
Pin board Enhancements
- Increased the maximum number of supported pin boards to 500.
- Single step process of creating a pin board and adding pins.
- Share pin boards with other users.
- View existing pin boards in the pin board library.
- Timeline controls within pin boards.
- Customize the pin board titles and pin names.
Pin boards and Entity dashboards can auto-refresh with configurable timers.
Support for NSX DFW Universal Artifacts
The universal artifacts can be generated and exported for the Application and the Tier groups.
Improved Scale and Performance
Increased scale limits to 60,000 VMs and 10 million flows.
- For supporting 60,000 VMs on a 10-node cluster, contact VMware Support.
- For support on adding 10,000 VMs on a large collector, contact VMware Support.
The following documentation is available at vRealize Network Insight Information Center:
- vRealize Network Installation Guide
- vRealize Network Insight User Guide
- vRealize Network Insight Command-Line Interface Reference Guide
- vRealize Network Insight Frequently Asked Questions
- vRealize Network API Documentation
vRealize Network Insight 3.9 supports direct upgrade from the 3.8 and 3.7 versions.
Refer to the Upgrading vRealize Network Insight section to get information on upgrade options.The upgrade path is available at https://www.vmware.com/resources/compatibility/sim/interop_matrix.php#upgrade&solution=285 .
The resolved issues for vRealize Network Insight 3.9 are as follows:
- vRealize Network Insight may cause NSX controller nodes to run out of memory leading to VM connectivity loss.
- The path to the edge gateway in the path topology is missing
- The flows for some VMs that have multiple VNICS are not seen as the IP addresses were not getting assigned to those VMs.
- The creation of cluster failed with the "platform 1 could not be elected as a leader during kafka partition" error.
- The Kafka retention settings for a cluster are incorrect.
- The data source failed alert is raised for Cisco5000.
- The appliance configuration fails with the "Please check pairing status after 15 minutes using cli command 'show-connectivity-status', exiting" error message.
- The passwords are logged in clear text for Cisco ASA data sources.
- Platform1 has high CPU utilization because of two instances of
- The containers are migrated out from Platform1.
- The launcher on the proxy server keeps restarting.
- High disk utilization is seen for vRealize Network Insight disks.
- The saasservice is not able to start automatically.
- The HDFS data node upstart crashed due to port conflict.
- There are HDFS-related issues seen in the hbase region server logs.
- There are large number of router interface versions seen.
- There are large number of CustomL2Network versions seen.
- The creation of support bundle from UI fails for the proxy server.
- vRealize Network Insight has processing lag and is consuming 100% CPU on platform.
- The policy override through API does not happen.
- Telemetry cannot be enabled or disabled for the proxy server nodes unless it is enabled or disabled on the platform nodes.
- The metrics for the Arista switches are not available.
- vRealize Network Insight reports no data for the Ethernet interfaces on a physical device.
- The error "Something went wrong" appears after adding the Dell switches.
- After the upgrade, Brocade MLX fails to connect to the proxy server.
- A timeout occurs while configuring NetFlow for its vCenter data source through vRealize Network Insight.
- The screen freezes while upgrading the 3 node cluster from vRealize Network Insight 3.7 to vRealize Network Insight 3.8.
- The topology and the VM path do not display.
- The request for offline registration fails.
- No alert is triggered in spite of the CPU usage going above 90% on the host.
- There is high disk usage by the zookeeper.
The known issues and limitations for vRealize Network Insight 3.9 are as follows:
- The upgrade to vRealize Network Insight 3.9 fails if the pre-patch is not applied. Apply the pre-patch before you upgrade to vRealize Network Insight 3.9 from the 3.7 or 3.8 versions. For more information, see https://kb.vmware.com/s/article/59443. [New]
- vRealize Network Insight reports proxy communication failure when the postgres service on the proxy server does not start automatically and the CollectorMain javaservice keeps restarting. [New]
- If the disk is full on a zookeeper leader node, check-service-health.sh command states that zookeeper is healthy while it is actually unhealthy. To fix this issue, restart zookeeper. [New]
- The auto-refresh counter restarts and keeps showing incorrect data even though auto-refresh is paused. [New]
- vRealize Network Insight may not be able to detect an out-of-sync system clock sometimes. If the clock is not in sync with NTP, some services may become unhealthy or stop working. [New]
- The bundle upload or extraction and the subsequent upgrade steps may fail if there is insufficient space in the /tmp directory. For single-click offline upgrade and online upgrade, ensure that there is a certain amount of disk space available in the /tmp directory. [New]
- The disk may run out of space for the vRealize Network Insight Platform VM. In large environments, the partition /var may become full and additional storage may be needed. See https://kb.vmware.com/s/article/53550 for instructions on how to increase disk space.
- The vRealize Network UI is not available when the partition /var is more than 85% full in the Platform VM. For validation and fix, contact VMware support.
- An unwanted default rule is applied to certain NSX IPFIX flows. This is because sometimes, NSX IPFIX reports reverse packet in which client and server are flipped and the firewall rule is applied as per the flipped source and destination IP.
- The Export to CSV feature for the flow data takes more than 30 minutes for 180,000 flows when all the fields are selected.
- The Export to PDF feature for the PCI dashboard has the following known issues:
- The changes that you make in the NetFlow flow diagram dashboard are not visible in the PDF.
- For a particular widget, the number of properties that are exported as PDF is more than the number of properties that are actually selected in that widget.
- The unicode characters are not getting exported correctly to the PDF.
- The metric properties are not exported in the PDF.
- When you create a logical subnet or logical router, a new edge VM is dynamically created to serve this request. The events for this kind of VM are shown.
- If issues such as upload failure or UI failure come up while performing the centralized upgrade, please contact VMware support.
- The Plan Security page for the last 2 days takes around 3 minutes to load. A higher response time is seen while executing queries for about 24 hours after migration of a data source between collectors. This is because the same flows are reported, opened, and closed from two different collectors within a span of 24 hours. It leads to multiple versions created for the same flows.
- Sometimes, the Export to CSV feature fails with the 502 error in the browser. The workaround is to retry the operation.
- vRealize Network Insight does not support rollback or product downgrade. It is recommended that you take a backup.
- The datastore metrics of a VM are not shown on vRealize Network Insight if it is hosted on vSAN Datastore.
- If the vCenter and the associated NSX manager data sources are not attached to the same proxy server, you will not see the denied flows (when NSX IPFIX is enabled) and the Applied Firewall Rule will be missing in some flows.
- The NAT rules on the NSX Edge version 5.5 or the previous versions are not supported.
- The firewall rule section of the PCI Compliance dashboard may show incorrect rules if the selected scope is a nested security group in NSX or an application when multiple NSX managers are added as a data source.
- The sub-interfaces on VRF for Cisco Nexus 7000/9000 are not supported.
- In the Applied To grouping criteria, the NSX edge is not supported.
- The platform cluster does not support the high availability configuration. All the platform nodes need to be up and running for the cluster to work at optimal performance levels.
- The recommended firewall rules support only global rules creation. The creation of universal rules is not supported.
- The plan topology widget has options to select all flows, all protected flows, and so on. The flows that are solely captured from VDS and not from NSX IPFIX only show up when the all flows option is selected because their protection status is classified as unknown not as protected or unprotected.
- The Export as CSV option is not supported for advanced searches that use group by, sum, max, and min functionality.
- Some events such as Host network control plane mismatch are not raised if the datacenter is not at the top level and is located inside a folder in vCenter.
- The product update notifications are supported only for the single-platform node deployment that is connected to Internet.
- There is a known issue in the list view for events search where sometimes facet counts are incorrect upon selection and no events are shown.
- vRealize Network Insight shows the older version after the upgrade. Once the product upgrade is complete, refresh the browser after clearing the browser cache.
- Upon the expiry of the Evaluation license, the data providers are disabled and they stop collecting data. After renewing the license, the data providers must be enabled again from the UI to start data collection.
- To use Gmail® server as the choice of mail server, additional configuration settings as listed on https://support.google.com/accounts/answer/6010255?hl=en are required.
- After you remove a data source from the system, you can add the same data provider back only after two or more hours.
- The support bundle creation on a medium sized system can take in excess of fifteen minutes.
The VMware Product Interoperability Matrix provides details about the compatibility of vRealize Network Insight with other VMware products.
For MIB information, see Determining the MIB module listing, name, and type of an SNMP OID. You can download the SNMP MIB module file from the 1013445 KB article.