vRealize Network Insight 6.0 | 13 Oct 2020| Build 1601964323 Check for additions and updates to these release notes.

What's in the Release Notes

The release notes cover the following topics:

• What's New
• Product Upgrade 
• Documentation
• VMware Product Compatibility
• VMware MIB Files
• Resolved Issues
• Known Issues

What's New

Here are the key features and capabilities of vRealize Network Insight 6.0:

Network Assurance and Verification

• Distributed Firewall and Edge Firewall support for NSX-T
• Reachability Intent
• Path Search using IP addresses
• Enhancements to the Network Map scale and improved Summary Panel
• Support for additional data sources, which includes Cisco UCS, ASA, and Juniper QFX

VMware SD-WAN by VeloCloud

• Display of Edge-to-Edge, Edge-to-Hub, Edge-to-GW Tunnel connectivity graphs on Edge dashboard
• Path tunnel visibility on VeloCloud Edge dashboard
• Support for SD-WAN VeloCloud Flows in Flow RTT
• A new Internet Service Providers (ISP) dashboard to identify ISPs associated with SD-WAN VeloCloud entities

VMware Cloud on AWS

• Metrics for flow TCP RTT and re-transmit are now available
• Addition of Top talker widget in the VMware Cloud on AWS Direct Connect dashboard
• Calculation of flow metrics data at 5 minutes interval

Search Enhancements

• Ability to see search query that generates data in the pins. This capability is available only for a selected set of pins.
• View a list of useful search queries along with its descriptions

Pinboards

• Share pinboards with LDAP groups, Active Directory, and vIDM users
• Preserve search query in pin name along with the pin title
• Persist changes to original pin at the time of pinning the pinboard
• Apparent "Read Only" pinboard

Backup and Restore

• Enable backup and restore of configuration data, such as SNMP, data source, and other settings. This does not include flow data, any entity metrics, or events configuration

Metric charts

• New metric charts that support multiple-dimensions, multiple entities, zoom-in, and additional functionalities

vRealize Network Insight Cloud

• VMware vRealize Network Insight Cloud now available on VMware Cloud Provider Hub (USA region only)
• VMware vRealize Network Insight Cloud now available in Sydney, Australia

vRealize Network Insight and vRealize Operations Integration

• Applications discovered and saved in vRealize Network Insight can now be imported into vRealize Operations.
• vRealize Network Insight Cloud is automatically discovered in vRealize Operations Cloud if you have subscriptions for both.

vRealize Network Insight and VMware HCX Integration

• Support for HCX stretched L2 VLAN: Flow stitching, VM to flows mapping
• Export vRealize Network Insight Application into to VMware HCX as Mobility Groups using public APIs and scripts

For more information, see vRealize Network Insight and HCX Integration and Integrating vRealize Network Insight with VMware HCX.

Others

• vRealize Suite Lifecycle Manager 8.2 Product Support Pack 1 supports the installation of vRealize Network Insight 6.0. See VMware vRealize Suite Lifecycle Manager 8.2 Release Notes. For information about install and upgrade vRealize Network Insight by using vRealize Suite Lifecycle Manager, see the vRealize Suite Lifecycle Manager Installation, Upgrade, and Management Guide.

Product Upgrade

vRealize Network Insight 6.0 is a major version that requires new license keys. After upgrading to 6.0, all license keys, except the NSX Enterprise Plus will cease to work. You can obtain the new license keys from the MyVMware portal.
If you do not add the new license key during the upgrade, you get a grace period of seven days and also you see a warning message to add the new key on each UI page of the upgraded setup. For more information, see the VMware Knowledge Base Article:80358.

Refer to the Upgrading vRealize Network Insight section for more information on the upgrade procedure.

The supported upgrade path is available at https://www.vmware.com/resources/compatibility/sim/interop_matrix.php#upgrade&solution=285.

Documentation

For additional information about new features, see the vRealize Network Insight documentation.

• Installing vRealize Network Insight
• Using vRealize Network Insight
• vRealize Network Insight FAQs
• vRealize Network Insight Command Line Interface Guide
• vRealize Network Insight API Guide

Note: As you use the vRealize Network Insight documentation, we want you to know that we value inclusion at VMware. To foster this principle within our customer, partner, and internal community, we have updated some terminology in our documentation.

VMware Product Compatibility

The VMware Product Interoperability Matrix provides details about the compatibility of vRealize Network Insight with other VMware products.

VMware MIB Files

For MIB information, see Determining the MIB module listing, name, and type of an SNMP OID. You can download the SNMP MIB module file from the VMware Knowledge Base Article: 1013445.

Resolved Issues

• vRealize Network Insight does not trigger events for the Port Mode Mismatch intent due to a known internal processing issue.

• In the Network Map, path search referring to an older network state may fail on large networks.

• After you upgrade vRealize Network Insight, if you run a query for the metric data for a time range in which the upgrade happened, then the aggregated indicative value might not appear for all metric points in the series.

• The VM-to-VM path does not display VRF information of all existing routes and route interfaces. 

• Events are disabled or broken when there are errors such as the system exceeding the physical device limit.

• When you set an inferred IP as the destination segment for the Reachability intent, and the path results that are not able to reach the destination exists, the Reachability intent does not generate an event.

• Port-channel members in passive mode in the network will not be visible to the users in the passive members field of the port-channel interface. Additionally, the Port Channel Member Mismatch intent will not produce accurate results in this scenario.

• HSRP STP Colocation intent does not produce the expected result due to a known internal processing issue.

• If you add a vRealize Network Insight license immediately after the OVA deployment, the UI stops responding on the Platform Reconfiguration window.

• The query to request flows on Application Topology fails to display the list of flows intermittently.

• Even after you delete a device, vRealize network Insight continues to show it on the Entities list and the Network Map until the next snapshot is generated.

• The NSX-V prepared ESX hosts might observe the Purple Screen of Death (PSOD) in certain conditions. So, the Virtual Infrastructure Latency collection is disabled for NSX-V data source in vRealize Network Insight. For more information, see the VMware Knowledge Base Article:75224.

  Note:  There is no impact on NSX-T versions.

• After upgrading, the Overview and Updates page might show the following error messages against Platform Capacity:

  • System usage has breached the capacity.
  • Capacity configuration is mismatched.

  The Platform role feature introduced in the 5.3 version requires the correct configuration in the setup. Use the Info icon to view the resolution.

  • Add more resources to increase capacity.
  • Reconfigure using the option provided on the UI.

• If you are using the Firefox browser, you might experience some issues while accessing the tooltips on a few features like Network Map, Microsegmentation.

  Use Google Chrome.

• The path to internet fails to populate when you use VMware Cloud on AWS 1.12 with vRealize Network Insight 5.3.

  To avoid or fix the issue, see the VMware Knowledge Base Article:  80359.

• The network map may become unavailable after converting a single node deployment to a cluster

  Workaround:

• For cluster setups with less than five nodes, Network Path feature may not work after performing capacity reconfiguration.

  Workaround: Change Path-Analyzer-location entry in the following files to the appropriate platform:

  build-target/restapilayer/props.sh
  -> PATH_ANALYZER_NODE="platform3:${PATH_ANALYZER_PORT}"
  build-target/restapiyer/configuration.yaml
  -> pathAnalyzerNode: platform3

  And then restart restapilayer service.

Known Issues

• [NEW] Network Map displays a spinner instead of a message in the following scenarios.

  • When the network map build is still in progress
  • When no supported data source has been added
  • When all the supported data sources previously added are deleted

• [NEW] The addition or deletion of a region might reset the layout changes done in the same edit session.

  To fix the issue, refresh the page which resets the layout positions correctly.

• [NEW] The network paths and intent results might be incorrect on links that have a port-channel interface on one side, and a non-port-channel interface on the other side.

• [NEW] For Juniper devices configured with trunk port channels, the Port Mode Mismatch intent might trigger incorrect alerts.

• [NEW] Duplicate IP Address intent might trigger incorrect alerts when multiple devices in the network have the same IP address for valid scenarios, such as MC-LAG, NAT, and Loopback.

• [NEW] Cisco Nexus devices with VXLAN configuration might not get modeled correctly on the Network Map and displays a warning message stating the device is not processed correctly.

• [NEW] If you have configured Link Aggregation (LAG) on ESXi uplink ports, the network path and intent results might display as complete, even during the incomplete state.

• [NEW] Though there are changes in Segmentation, Reachability, and Loop event results, the changes are not reflected in the Events tab and hence they are not represented correctly on the Network Map. 

  To fix the issue, duplicate the existing intent, and delete the old intent.

• [NEW] 

  • Though a path through the Cisco ASA firewall is allowed, the path search result might show it as blocked when the Global access list is involved. 
  • The Reachability, Segmentation, and Loop intents might trigger incorrect alerts for paths through the Cisco ASA firewall when the Global access list is involved. 

• [NEW] The Loop intent might trigger incorrect alerts when VTEPs are configured on untagged VLAN networks.

• [NEW]  The Duplex Mismatch intent does not trigger alerts.

• [NEW] The Cisco Nexus device icon in Network Map appears as a physical switch, instead of a physical switch-router icon.

• [NEW] When you select more than 220 applications to perform bulk delete, you see Failed to Delete error message.

• [NEW] If you have not applied the 5.3 patch and have upgraded to 6.0 directly from 5.3, the Netflow collector continues to show spike in physical flows.

  Restart the collector service manually, or contact VMware Support.

• [NEW] The NSX-T policy firewall rules with IP address or IP collection in the Source or Destination fields are not stored.

• [NEW] In case of VMs whose networking is managed by different NSX-T and have same UUIDs, vRealize Network Insight will report incorrect IP address and properties on their flow information will not be accurate.

• [NEW] For vSphere 7.0 with CVDS and NSX-T 3.0 and later, vRealize Network Insight does not attach NSX policy segments to the VMs. So, vRealize Network Insight search shows zero VM count under NSX-T policy segment.

  Use NSX-T Manager dashboard to see the VM count.

• [NEW] When you add a vCenter and enable flows, the count of supported VMs for the extra-large collector dropped down from 35K to 20K.

  To fix the issue, perform the following steps by logging in as a ubuntu user on platform1:

  1. Run ~/run_all.sh sudo service samzajobs stop to stop samza on all nodes.
  2. Type rdb to switch to rdb prompt and run the following commands to increase the flow limits for proxies.
     1. type customerId to get the customer ID
     2. set_policy -cid <customerId> -ns policy -key proxy.VmLimitOverride -val 35000
     3. exit to exit rdb prompt
  3. Run ~/run_all.sh sudo service restapilayer-service restart
  4. Run ~/run_all.sh sudo service saasservice restart
  5. Run ~/run_all.sh sudo service samzajobs start

• [NEW] You may see the "Failed to fetch saved searches" error toast message after migrating to the current version. Contact VMware Support for the resolution.

• [NEW] Port Channel Member Mismatch intent does not trigger alerts.

• [NEW] With the release of vSphere 7.x, some vRealize Network Insight features stop to work in 6.x versions due to vSphere Tanzu. For more information, see the KB article 78492.

• Auto-complete for Entity and Path Search may include items that are currently not supported by Network Map.

• Events on NSX-T Manager nodes that are connected to vSphere Standard Switches are included in the Summary panel, but not on the Events tab in the Network Map page.

• vRealize Network Insight does not display the LLDP neighbor information of Cisco Catalyst 6500 on the Switch Port Peers widget of the Switch Dashboard.

• You cannot see the unprotected flows for the Kubernetes service in the Micro-Segmentation Planning page.

• vRealize Network Insight does not display the serial number of HPE switches.

• In a multi-collector setup, after the certificate change for a data source, vRealize Network Insight generates duplicate ’Identity Information for Data Source changed’ events.

• You see the Unable to retrieve manifest or certificate file error while deploying vRealize Network Insight OVA through the URL on a vCenter 7.0 setup.

• The VM Underlay widget does not show all the neighboring switches and its connections correctly.

• The HostPrep FeatureUnhealthy event is not closed even when the feature status is Green.

• Validation fails for AWS access key users having restricted access to the regions.

• If the AWS VPC logs are published at a delay of 20 minutes at source, the AWS flow data might not show on the Threshold dashboard.

• If the flow-based threshold configured application has overlapping members (IP endpoints, VMs, or Kubernetes entities) across tiers of different applications, then tiers from other applications appear on the dashboard of that threshold configuration.