vRealize Network Insight 6.0 | 13 Oct 2020| Build 1601964323
Check for additions and updates to these release notes.
What's in the Release NotesThe release notes cover the following topics:
- What's New
- Product Upgrade
- VMware Product Compatibility
- VMware MIB Files
- Resolved Issues
- Known Issues
Here are the key features and capabilities of vRealize Network Insight 6.0:
Network Assurance and Verification
- Distributed Firewall and Edge Firewall support for NSX-T
- Reachability Intent
- Path Search using IP addresses
- Enhancements to the Network Map scale and improved Summary Panel
- Support for additional data sources, which includes Cisco UCS, ASA, and Juniper QFX
VMware SD-WAN by VeloCloud
- Display of Edge-to-Edge, Edge-to-Hub, Edge-to-GW Tunnel connectivity graphs on Edge dashboard
- Path tunnel visibility on VeloCloud Edge dashboard
- Support for SD-WAN VeloCloud Flows in Flow RTT
- A new Internet Service Providers (ISP) dashboard to identify ISPs associated with SD-WAN VeloCloud entities
VMware Cloud on AWS
- Metrics for flow TCP RTT and re-transmit are now available
- Addition of Top talker widget in the VMware Cloud on AWS Direct Connect dashboard
- Calculation of flow metrics data at 5 minutes interval
- Ability to see search query that generates data in the pins. This capability is available only for a selected set of pins.
- View a list of useful search queries along with its descriptions
- Share pinboards with LDAP groups, Active Directory, and vIDM users
- Preserve search query in pin name along with the pin title
- Persist changes to original pin at the time of pinning the pinboard
- Apparent "Read Only" pinboard
Backup and Restore
- Enable backup and restore of configuration data, such as SNMP, data source, and other settings. This does not include flow data, any entity metrics, or events configuration
Data Source connectivity via Proxy support
- Ability to specify web-proxy for AWS, Azure, VMware Cloud on AWS, SD-WAN, Infoblox, and ServiceNow data source for data collection
- New metric charts that support multiple-dimensions, multiple entities, zoom-in, and additional functionalities
vRealize Network Insight Cloud
- VMware vRealize Network Insight Cloud now available on VMware Cloud Provider Hub (USA region only)
- VMware vRealize Network Insight Cloud now available in Sydney, Australia
vRealize Network Insight and vRealize Operations Integration
- Applications discovered and saved in vRealize Network Insight can now be imported into vRealize Operations.
- vRealize Network Insight Cloud is automatically discovered in vRealize Operations Cloud if you have subscriptions for both.
vRealize Network Insight and VMware HCX Integration
- Support for HCX stretched L2 VLAN: Flow stitching, VM to flows mapping
- Export vRealize Network Insight Application into to VMware HCX as Mobility Groups using public APIs and scripts
For more information, see vRealize Network Insight and HCX Integration and Integrating vRealize Network Insight with VMware HCX.
- vRealize Suite Lifecycle Manager 8.2 Product Support Pack 1 supports the installation of vRealize Network Insight 6.0. See VMware vRealize Suite Lifecycle Manager 8.2 Release Notes. For information about install and upgrade vRealize Network Insight by using vRealize Suite Lifecycle Manager, see the vRealize Suite Lifecycle Manager Installation, Upgrade, and Management Guide.
vRealize Network Insight 6.0 is a major version that requires new license keys. After upgrading to 6.0, all license keys, except the NSX Enterprise Plus will cease to work. You can obtain the new license keys from the MyVMware portal.
If you do not add the new license key during the upgrade, you get a grace period of seven days and also you see a warning message to add the new key on each UI page of the upgraded setup. For more information, see the VMware Knowledge Base Article:80358.
Refer to the Upgrading vRealize Network Insight section for more information on the upgrade procedure.
The supported upgrade path is available at https://www.vmware.com/resources/compatibility/sim/interop_matrix.php#upgrade&solution=285.
For additional information about new features, see the vRealize Network Insight documentation.
- Installing vRealize Network Insight
- Using vRealize Network Insight
- vRealize Network Insight FAQs
- vRealize Network Insight Command Line Interface Guide
- vRealize Network Insight API Guide
Note: As you use the vRealize Network Insight documentation, we want you to know that we value inclusion at VMware. To foster this principle within our customer, partner, and internal community, we have updated some terminology in our documentation.
The VMware Product Interoperability Matrix provides details about the compatibility of vRealize Network Insight with other VMware products.
For MIB information, see Determining the MIB module listing, name, and type of an SNMP OID. You can download the SNMP MIB module file from the VMware Knowledge Base Article: 1013445.
After you upgrade vRealize Network Insight, if you run a query for the metric data for a time range in which the upgrade happened, then the aggregated indicative value might not appear for all metric points in the series.
The VM-to-VM path does not display VRF information of all existing routes and route interfaces.
Port-channel members in passive mode in the network will not be visible to the users in the passive members field of the port-channel interface. Additionally, the Port Channel Member Mismatch intent will not produce accurate results in this scenario.
HSRP STP Colocation intent does not produce the expected result due to a known internal processing issue.
The query to request flows on Application Topology fails to display the list of flows intermittently.
Even after you delete a device, vRealize network Insight continues to show it on the Entities list and the Network Map until the next snapshot is generated.
After upgrading, the Overview and Updates page might show the following error messages against Platform Capacity:
- System usage has breached the capacity.
- Capacity configuration is mismatched.
The Platform role feature introduced in the 5.3 version requires the correct configuration in the setup. Use the Info icon to view the resolution.
- Add more resources to increase capacity.
- Reconfigure using the option provided on the UI.
If you are using the Firefox browser, you might experience some issues while accessing the tooltips on a few features like Network Map, Microsegmentation.
Use Google Chrome.
The path to internet fails to populate when you use VMware Cloud on AWS 1.12 with vRealize Network Insight 5.3.
To avoid or fix the issue, see the VMware Knowledge Base Article: 80359.
[NEW] Network Map displays a spinner instead of a message in the following scenarios.
- When the network map build is still in progress
- When no supported data source has been added
- When all the supported data sources previously added are deleted
[NEW] The addition or deletion of a region might reset the layout changes done in the same edit session.
To fix the issue, refresh the page which resets the layout positions correctly.
[NEW] The network paths and intent results might be incorrect on links that have a port-channel interface on one side, and a non-port-channel interface on the other side.
[NEW] For Juniper devices configured with trunk port channels, the Port Mode Mismatch intent might trigger incorrect alerts.
[NEW] Duplicate IP Address intent might trigger incorrect alerts when multiple devices in the network have the same IP address for valid scenarios, such as MC-LAG, NAT, and Loopback.
[NEW] Cisco Nexus devices with VXLAN configuration might not get modeled correctly on the Network Map and displays a warning message stating the device is not processed correctly.
[NEW] If you have configured Link Aggregation (LAG) on ESXi uplink ports, the network path and intent results might display as complete, even during the incomplete state.
[NEW] Though there are changes in Segmentation, Reachability, and Loop event results, the changes are not reflected in the Events tab and hence they are not represented correctly on the Network Map.
To fix the issue, duplicate the existing intent, and delete the old intent.
- Though a path through the Cisco ASA firewall is allowed, the path search result might show it as blocked when the Global access list is involved.
- The Reachability, Segmentation, and Loop intents might trigger incorrect alerts for paths through the Cisco ASA firewall when the Global access list is involved.
[NEW] The Loop intent might trigger incorrect alerts when VTEPs are configured on untagged VLAN networks.
[NEW] The Duplex Mismatch intent does not trigger alerts.
[NEW] The Cisco Nexus device icon in Network Map appears as a physical switch, instead of a physical switch-router icon.
[NEW] When you select more than 220 applications to perform bulk delete, you see Failed to Delete error message.
[NEW] If you have not applied the 5.3 patch and have upgraded to 6.0 directly from 5.3, the Netflow collector continues to show spike in physical flows.
Restart the collector service manually, or contact VMware Support.
[NEW] The NSX-T policy firewall rules with IP address or IP collection in the Source or Destination fields are not stored.
[NEW] In case of VMs whose networking is managed by different NSX-T and have same UUIDs, vRealize Network Insight will report incorrect IP address and properties on their flow information will not be accurate.
[NEW] For vSphere 7.0 with CVDS and NSX-T 3.0 and later, vRealize Network Insight does not attach NSX policy segments to the VMs. So, vRealize Network Insight search shows zero VM count under NSX-T policy segment.
Use NSX-T Manager dashboard to see the VM count.
[NEW] When you add a vCenter and enable flows, the count of supported VMs for the extra-large collector dropped down from 35K to 20K.
To fix the issue, perform the following steps by logging in as a ubuntu user on platform1:
- Run the ~/run_all.sh sudo service samzajobs stop to stop samza on all nodes.
- Type rdb to switch to rdb prompt.
- Type customerId to get the customer ID.
- Run the following commands to increase the flow limits for proxies:
- set_policy -cid <customerId> -ns policy -key proxy.VmLimitOverride -val 35000
- exit to exit rdb prompt
- ~/run_all.sh sudo service restapilayer-service restart
- ~/run_all.sh sudo service saasservice restart
- ~/run_all.sh sudo service samzajobs start
Auto-complete for Entity and Path Search may include items that are currently not supported by Network Map.
vRealize Network Insight does not trigger events for the Port Mode Mismatch intent due to a known internal processing issue.
In the Network Map, path search referring to an older network state may fail on large networks.
When you set an inferred IP as the destination segment for the Reachability intent, and the path results that are not able to reach the destination exists, the Reachability intent does not generate an event.
Events on NSX-T Manager nodes that are connected to vSphere Standard Switches are included in the Summary panel, but not on the Events tab in the Network Map page.
Events are disabled or broken when there are errors such as the system exceeding the physical device limit.
vRealize Network Insight does not display the LLDP neighbor information of Cisco Catalyst 6500 on the Switch Port Peers widget of the Switch Dashboard.
If you add a vRealize Network Insight license immediately after the OVA deployment, the UI stops responding on the Platform Reconfiguration window.
You cannot see the unprotected flows for the Kubernetes service in the Micro-Segmentation Planning page.
vRealize Network Insight does not display the serial number of HPE switches.
With the release of vSphere 7.0 and NSX-T 3.0, some vRealize Network Insight features stop to work in 5.1, 5.2, and 5.3 versions due to WCP (Workload Control Plane) and C-VDS. For more information, see the VMware Knowledge Base Article: 78492.
In a multi-collector setup, after the certificate change for a data source, vRealize Network Insight generates duplicate ’Identity Information for Data Source changed’ events.
You see the Unable to retrieve manifest or certificate file error while deploying vRealize Network Insight OVA through the URL on a vCenter 7.0 setup.
The VM Underlay widget does not show all the neighboring switches and its connections correctly.
The NSX-V prepared ESX hosts might observe the Purple Screen of Death (PSOD) in certain conditions. So, the Virtual Infrastructure Latency collection is disabled for NSX-V data source in vRealize Network Insight. For more information, see the VMware Knowledge Base Article:75224.
Note: There is no impact on NSX-T versions.
The HostPrep FeatureUnhealthy event is not closed even when the feature status is Green.
Validation fails for AWS access key users having restricted access to the regions.
If the AWS VPC logs are published at a delay of 20 minutes at source, the AWS flow data might not show on the Threshold dashboard.
If the flow-based threshold configured application has overlapping members (IP endpoints, VMs, or Kubernetes entities) across tiers of different applications, then tiers from other applications appear on the dashboard of that threshold configuration.