vRealize Network Insight 6.1 Release Notes

vRealize Network Insight 6.1 | 14 Jan 2021| Build 1610450081

Check for additions and updates to these release notes.

What's in the Release Notes

The release notes cover the following topics:

What's New
Product Upgrade
Documentation
VMware Product Compatibility
VMware MIB Files
Resolved Issues
Known Issues

What's New

Here are the key features and capabilities of vRealize Network Insight 6.1:

Network Assurance and Verification

Introduces two new intents: the native VLAN intent and native VLAN tagging mismatch intent
Supports Palo Alto Networks (PAN) Firewall in Network Map
Supports Juniper devices in Network Map through Netconf (without the need for SSH)
Enhances path-search usability to include the underlying device configuration data.

Intent Based Analytics Support for Link Metering for VMware SD-WAN

Provides ability to create intents to track bandwidth usage on links (LTE/MPLS) that incur usage based service contracts with ISPs
Provides proactive alerts to avoid overage charges due to excessive bandwidth usage beyond the contractual limits
Supports the ability to optimize or conserve bandwidth traversing across these links.

Intent Based Analytics for Monitoring Edge Uplink Utilization

Provides ability to create intents to monitor uplink utilization across the VMware SD-WAN Edges to assess and optimize traffic utilization for troubleshooting and capacity planning
Supports flexibility to choose the uplink type to generate alerts and notifications.

Layer 7 Service Information from NSX Intelligence

Provides Layer 7 service visibility when NSX Intelligence is enabled on an NSX-T manager
Provides enhanced dashboards, including the VM, Hosts, and the Application dashboards to provide out of the box Layer 7 service visibility.

NSX-T Monitoring and Troubleshooting

Provides ability to filter alerts based on alert entities and configurations
Provides metric charts for better visualization and interaction
Provides metrics for all NSX-T objects in the NSX-T Manager Topology page
Provides events for the firewall rule masking
Flow retransmit count metric renamed as flow retransmit percentage metric.

VMware Cloud on AWS (VMC on AWS)

Support for VMC T0 Router Interface Statistics which includes Rx Total Bytes, Rx Total Packets, Rx Dropped Packets, Tx Total Bytes, Tx Total Packets and Tx Dropped Packets for Public, Cross-VPC, and Direct Connect interfaces.

Physical Device Monitoring and Troubleshooting

Provides metric charts for better visualization and interaction with the metrics.

Search

Provides alternative search suggestions when a search fails to show results.

Pinboard

Preserves filter state when pinning a widget to a pinboard
Ability to pin the no results search to a pinboard
Ability to see other users' pinboards in the Auditor role.

Alerts

Shows different alert definitions in separate tabs for easy classification and better management of alerts. Alert Definition (known as events in earlier release) refers to a problem or a change condition that the system detects
Introduces the term alert to indicate an instance when the system detects a problem, a change, or violation of an intent.

vRealize Network Insight Platform

Supports web proxies for data sources (SD-WAN, AWS, Azure, ServiceNow, and VMC NSX Manager)
Shows information related to Platform and Collector VMs such as IP address (name), last activity, status, and so on in one single page
Introduces the following new pages and capabilities:
- Adding or updating data sources
- Web proxies listing page
- Web proxies usage visibility
- Infrastructure and support page.

Others

VMware vRealize Network Insight Cloud is now available in Sydney, Australia
vRealize Suite Lifecycle Manager 8.2 Product Support Pack 2 supports the installation of vRealize Network Insight 6.1. See VMware vRealize Suite Lifecycle Manager 8.2 Release Notes. For information about install and upgrade vRealize Network Insight by using vRealize Suite Lifecycle Manager, see the vRealize Suite Lifecycle Manager Installation, Upgrade, and Management Guide.

Product Upgrade

The supported upgrade path is available at https://www.vmware.com/resources/compatibility/sim/interop_matrix.php#upgrade&solution=285.

Refer to the Upgrading vRealize Network Insight section for more information on the upgrade procedure.

Documentation

For additional information about new features, see the vRealize Network Insight documentation.

Note: As you use the vRealize Network Insight documentation, we want you to know that we value inclusion at VMware. To foster this principle within our customer, partner, and internal community, we have updated some terminology in our documentation.

VMware Product Compatibility

The VMware Product Interoperability Matrix provides details about the compatibility of vRealize Network Insight with other VMware products.

VMware MIB Files

For MIB information, see Determining the MIB module listing, name, and type of an SNMP OID. You can download the SNMP MIB module file from the VMware Knowledge Base Article: 1013445.

Resolved Issues

When you select more than 220 applications to perform bulk delete, you see Failed to Delete error message.
If you have not applied the 5.3 patch and have upgraded to 6.0 directly from 5.3, the Netflow collector continues to show spike in physical flows.

Restart the collector service manually, or contact VMware Support.
The NSX-T policy firewall rules with IP address or IP collection in the Source or Destination fields are not stored.
In case of VMs whose networking is managed by different NSX-T and have same UUIDs, vRealize Network Insight will report incorrect IP address and properties on their flow information will not be accurate.
For vSphere 7.0 with CVDS and NSX-T 3.0 and later, vRealize Network Insight does not attach NSX policy segments to the VMs. So, vRealize Network Insight search shows zero VM count under NSX-T policy segment.

Use NSX-T Manager dashboard to see the VM count.
Port Channel Member Mismatch intent does not trigger alerts.
vRealize Network Insight does not display the LLDP neighbor information of Cisco Catalyst 6500 on the Switch Port Peers widget of the Switch Dashboard.
In the Network Map, path search referring to an older network state may fail on large networks.
When you set an inferred IP as the destination segment for the Reachability intent, and the path results that are not able to reach the destination exists, the Reachability intent does not generate an event.
If you add a vRealize Network Insight license immediately after the OVA deployment, the UI stops responding on the Platform Reconfiguration window.
Events are disabled or broken when there are errors such as the system exceeding the physical device limit.
vRealize Network Insight does not trigger events for the Port Mode Mismatch intent due to a known internal processing issue.
Auto-complete for Entity and Path Search may include items that are currently not supported by Network Map.
In a multi-collector setup, after the certificate change for a data source, vRealize Network Insight generates duplicate ’Identity Information for Data Source changed’ events.
The VM Underlay widget does not show all the neighboring switches and its connections correctly.
Network Map displays a spinner instead of a message in the following scenarios.
- When the network map build is still in progress
- When no supported data source has been added
- When all the supported data sources previously added are deleted
The Cisco Nexus device icon in Network Map appears as a physical switch, instead of a physical switch-router icon.
If you have configured Link Aggregation (LAG) on ESXi uplink ports, the network path and intent results might display as complete, even during the incomplete state.
- Though a path through the Cisco ASA firewall is allowed, the path search result might show it as blocked when the Global access list is involved.
- The Reachability, Segmentation, and Loop intents might trigger incorrect alerts for paths through the Cisco ASA firewall when the Global access list is involved.
The Loop intent might trigger incorrect alerts when VTEPs are configured on untagged VLAN networks.
Though there are changes in Segmentation, Reachability, and Loop event results, the changes are not reflected in the Events tab and hence they are not represented correctly on the Network Map.

To fix the issue, duplicate the existing intent, and delete the old intent.
The Duplex Mismatch intent does not trigger alerts.
Cisco Nexus devices with VXLAN configuration might not get modeled correctly on the Network Map and displays a warning message stating the device is not processed correctly.
Duplicate IP Address intent might trigger incorrect alerts when multiple devices in the network have the same IP address for valid scenarios, such as MC-LAG, NAT, and Loopback.
For Juniper devices configured with trunk port channels, the Port Mode Mismatch intent might trigger incorrect alerts.
The network paths and intent results might be incorrect on links that have a port-channel interface on one side, and a non-port-channel interface on the other side.
The addition or deletion of a region might reset the layout changes done in the same edit session.

To fix the issue, refresh the page which resets the layout positions correctly.
When you add a vCenter and enable flows, the count of supported VMs for the extra-large collector dropped down from 35K to 20K.

To fix the issue, perform the following steps by logging in as a ubuntu user on platform1:
1. Run ~/run_all.sh sudo service samzajobs stop to stop samza on all nodes.
2. Type rdb to switch to rdb prompt and run the following commands to increase the flow limits for proxies.
  1. type customerId to get the customer ID
  2. set_policy -cid <customerId> -ns policy -key proxy.VmLimitOverride -val 35000
  3. exit to exit rdb prompt
3. Run ~/run_all.sh sudo service restapilayer-service restart
4. Run ~/run_all.sh sudo service saasservice restart
5. Run ~/run_all.sh sudo service samzajobs start
In the Pinboard display, there are issues with the UI elements while trying to hide a filter.
Checkpoint data collection fails for non-MDS data source for API version 1.6.1
SNMP metrics do not show up for some of the interfaces.
vRealize Network Insight NSX-T data sources stopped collecting data.
Unable to see Flows TCP RTT metric in the vRealize Network Insight Cloud UI.
After adding the Checkpoint data source, the lag in the indexer continues to increase.
Even after adding the Checkpoint data source, unable to see the VM-VM path information.
VM-VM path computation either times out or takes a very long time to finish the computation.
Same router interface is either discovered or deleted regularly.
Unable to add the NSX-T Manager on AWS with the Web Proxy option, due to an invalid token error.
Collector stops collecting from the data sources.
Collectors do not send data to the platform and throw a memory error.
Data source validation fails due to the SSH negotiation failure.
Collectors crash and all data sources stopped collecting data due to memory leaks and high swap usage on the collectors.
An error occurs after adding the Arista 7050sx3 switches as a data source.
Unable to collect data from the second N7K HSRP configuration.
VM-VM path rendering times out due to environment performance and scale.
VC Vlsi connector shuts down with an error.
Pinboards are now independent of document Id which allows pins to show data even after 7 days.

Known Issues

[NEW] When the flow collection from NSX Intelligence is enabled, the Layer 7 App ID property is not available for the dropped flow.
[NEW] In the Add Application screen, unable to create tier/deployment by using the keyboard to select the values.
[NEW] During the upgrade to 6.1, while migrating elastic search records if the service restarts, it may happen that the migrated records count decreases or resets to zero. This issue resolves automatically when all records are migrated.
[NEW] Juniper device running the Spanning Tree Protocol (STP) is incorrectly modeled in the Network Map.
[NEW] When a trunk interface of a switch is connected to an interface of Arista configured with the dot1Q sub interfaces, then the Port Mode Mismatch intent raises false alerts for that interface pair.
[NEW] Network map links may not intermittently show up on a page load.

Reload or refresh the page.
[NEW] Path search from VC managed VM towards VMs or IPs external to the source VM's subnet, does not work.
[NEW] CLI upgrade fails while exporting saved search queries due to a Python library issue.

Perform the upgrade through the UI or reinitiate the upgrade.
[NEW] If AnalyticsClient is initialized before the elastic search is up, SD-Wan Intent charts do not load.

Restart the REST API layer on all the platforms.
[NEW] System created intents will have the name in the same locale in which the user has applied the license.
[NEW] When creating an intent for SD-WAN, adding more than 100 edges to the exception list of SD-WAN causes an expected behavior.

Do not add more than 100 edges to the exception list of SD-WAN.
[NEW] In the Path Topology page, the vNIC drop-down for the destination VM is not visible in the dark theme.
Events on NSX-T Manager nodes that are connected to vSphere Standard Switches are included in the Summary panel, but not on the Events tab in the Network Map page.
You cannot see the unprotected flows for the Kubernetes service in the Micro-Segmentation Planning page.
vRealize Network Insight does not display the serial number of HPE switches.
If the AWS VPC logs are published at a delay of 20 minutes at source, the AWS flow data might not show on the Threshold dashboard.
If the flow-based threshold configured application has overlapping members (IP endpoints, VMs, or Kubernetes entities) across tiers of different applications, then tiers from other applications appear on the dashboard of that threshold configuration.
You may see the "Failed to fetch saved searches" error toast message after migrating to the current version. Contact VMware Support for the resolution.
With the release of vSphere 7.x, some vRealize Network Insight features stop to work in 6.x versions due to vSphere Tanzu. For more information, see the KB article 78492.