vRealize Network Insight 6.2 | 15 Apr 2021| Build 1617345572
Check for additions and updates to these release notes.
What's in the Release NotesThe release notes cover the following topics:
- What's New
- Product Upgrade
- VMware Product Compatibility
- VMware MIB Files
- Resolved Issues
- Known Issues
Here are the key features and capabilities of vRealize Network Insight 6.2:
Network Assurance and Verification
- Provides a cross-link for the VM-VM path search in the network map with a logical VM-VM path
- Provides native support for the Cisco ASR 9000 devices
- Provides native support for MPLS for Cisco Catalyst and Cisco ASR 9000 devices
- Supports F5 Secure Network Address Translation (SNAT) in Network Map
- Introduces new threshold configurations for
- Switch metrics: CPU, Memory
- Switch port metrics: Switch-Port RX Traffic Rate, Switch-Port TX Traffic Rate, Switch-Port RX Packet Drops, and Switch-Port TX Packet Drops.
NSX-T Monitoring and Troubleshooting
- Introduces 5-minute polling intervals for metrics collected from the VMware NSX-T and VMware vCenter servers
- Introduces 20 seconds granular metrics for VMs
- Introduces new search queries for BGP neighbor status and learned routes, and Equal Cost Multi Path routing status of edges in a cluster
- Supports the collection of the firewall rule comments from the distributed firewall rule definitions
- Supports the collection of URPF mode router interface key property for the VMware NSX-T routers
- Introduces two new threshold configurations for the VMware NSX-T Edge metrics: Traffic Rate and Packet Drops.
VMware Cloud on AWS
- Supports SDDC Group
- Including intra SDDC group flows, application discovery for SDDC group, search operator, dashboard, alerts, and flow threshold
- Supports VMware Transit Connect
- Including flows, dashboard, search operator, alerting, and flow threshold
- Supports VMware Cloud on AWS SDDC to VMware Cloud on AWS SDDC and VMware Cloud on AWS SDDC to native VPC topology
- Introduces 20 seconds granular metrics for VMs within the VMware Cloud on AWS Compute Gateway and VMware Cloud on AWS Management Gateway (VMware vCenter Appliance, VMware NSX Manager Appliances, VMware NSX Edge Appliances, VMware HCX Appliance VMs)
- Provides Network and Security Configuration Maximum alerts
- Provides support for Virtual Routing and Forwarding (VRF) Route Leaking and Layer 3 MPLS VPN on VMware Cloud on AWS Direct Connect Colo Router (Cisco ASR).
- Automatically identifies application groups without any user inputs
- Provides the ability to keep the saved applications up to date with dynamic membership updates
- Supports modification of the naming preferences to change the name of applications based on the user CSV file or the VM name, tags, security group or security tag.
- Supports modification of the flow duration and scope
- Option to select 1 week, 2 weeks, 3 weeks, or 30 days as flow duration
- Applications dashboard:
- Saved applications display an icon if updates are available
- Provides the ability to filter applications based on the applications with updates and no updates
- Supports sort functionality on the last updated column
- Update applications view:
- Displays the tiers that are added, modified, or deleted, with the member details
- Provides the ability to apply the update on the applications
- Edit application page displays a warning if there are any pending updates
- Application hotspot widget shows impacted applications for immediate attention to applications that are experiencing performance degradation
- Eliminates references of the Equal Cost Multi Path tags in the VMware SD-WAN Path Topology map.
Enhanced Rule Recommendations in Security Planning
- Enhances security planning to provide fine-grained firewall rule recommendations
- Provides the ability to export the recommended rules to include the membership information of different groups used in the rules.
Azure VMware Solution
- Provides support for Azure VMware Solution 2.0.
Google Cloud VMware Engine
- Provides support for Google Cloud VMware Engine.
- Provides Public APIs for Pinboard CRUD operations.
- Provides support for 7-node XL clusters
- Ability to track the usage of VMs, Hosts, Applications, Flows, and Firewall Rules with a data retention period of up to 13 months.
- F5 data source now only needs REST API access. SSH access is not required.
- Applications discovered from ServiceNow support VMs, Physical IPs, and K8s services in the discovered tiers
- Membership of tiers discovered from Service Now or based on flows can only be specified as a list of entities. Search based membership criteria can not be used to specify members for tiers that are automatically discovered from ServiceNow or based on Flows.
- To install and upgrade vRealize Network Insight by using vRealize Suite Lifecycle Manager, see the vRealize Suite Lifecycle Manager Installation, Upgrade, and Management Guide.
The supported upgrade path is available at https://interopmatrix.vmware.com/#/Upgrade?productId=285.
Refer to the Upgrading vRealize Network Insight section for more information on the upgrade procedure.
For additional information about new features, see the vRealize Network Insight documentation.
- Installing vRealize Network Insight
- Using vRealize Network Insight
- vRealize Network Insight FAQs
- vRealize Network Insight Command Line Interface Guide
- vRealize Network Insight API Guide
Note: As you use the vRealize Network Insight documentation, we want you to know that we value inclusion at VMware. To foster this principle within our customer, partner, and internal community, we have updated some terminology in our documentation.
The VMware Product Interoperability Matrix provides details about the compatibility of vRealize Network Insight with other VMware products.
For MIB information, see Determining the MIB module listing, name, and type of an SNMP OID. You can download the SNMP MIB module file from the VMware Knowledge Base Article: 1013445.
Web.xml configuration file disclosure, broken link hijacking, email addresses found, and subresource Integrity (SRI) not implemented security issues are reported in the API documentation.
In the Add Application screen, unable to create tier/deployment by using the keyboard to select the values.
During the upgrade to 6.1, while migrating elastic search records if the service restarts, it may happen that the migrated records count decreases or resets to zero. This issue resolves automatically when all records are migrated.
Juniper device running the Spanning Tree Protocol (STP) is incorrectly modeled in the Network Map.
When a trunk interface of a switch is connected to an interface of Arista configured with the dot1Q sub interfaces, then the Port Mode Mismatch intent raises false alerts for that interface pair.
CLI upgrade fails while exporting saved search queries due to a Python library issue.
Perform the upgrade through the UI or reinitiate the upgrade.
If AnalyticsClient is initialized before the elastic search is up, VMware SD-WAN Intent charts do not load.
Restart the REST API layer on all the platforms.
When creating an intent for VMware SD-WAN, adding more than 100 edges to the exception list of VMware SD-WAN causes an expected behavior.
Do not add more than 100 edges to the exception list of VMware SD-WAN.
In the Path Topology page, the vNIC drop-down for the destination VM is not visible in the dark theme.
While viewing the flows for VMs, certain VMs show non-existing firewall rules being applied to the flow record.
NSX-V balancers status sometimes shows missing details.
While using VMs with two NICs, the second NIC does not display the flows.
Upgrading from vRealize Network Insight 6.0 to 6.1 fails with the "Failed to start samzajobs service after removing unused topics" error.
When adding a tier of an application, unable to create filters with tags while using API Calls.
While adding the NSX-T data source using FQDN, with the NSXi integration enabled, the NSXi polling task fails with an error.
In the VM-VM path, Check Point firewall rules are not displayed on the Check Point gateway cluster VRF.
VM-VM path fails after reaching the Check Point gateway cluster VRF due to the Router Interface name mismatch.
VM-VM path fails because the destination VNIC default gateway route interface does not have the layer 2 set and shows the "Unable to find Vnic for destination IP" error.
Denorm of Router Interface, Router, and Check Point gateway cluster VRF fails due to a ClassCast exception, while computing the denorm for path "routerDevice.associatedDevices".
Unknown Path message is displayed while trying to render the VM-VM path.
Collector stops collecting information and displays the "java.lang.OutOfmemoryError: unable to create new native thread" error.
Unable to use search or grouping of tiers and applications in the Security Planning page of Micro-segmentation.
In the Path Topology, the VM-VM path not showing any result, and the Path Topology widget becomes unresponsive due to an error in the browser’s console.
[NEW] HSRP/VRRP Master and STP Root Co-location intent is not supported for Juniper devices.
[NEW] vRealize Network Insight path search results traversing through switchless F5 BIG-IP Load Balancer platforms (2xxx, 4xxx, i2xxx, i4xxx, and VE) show up as "Blocked” at the F5, as these F5 models do not provide MAC address table output.
Additionally these F5 model devices cannot be used as intermediate hop in the path search.
[NEW] In F5, port mode is not available when the interface is associated with the trunks interfaces. This causes a port mode mismatch with the switch ports of the neighboring devices.
[NEW] F5 BIG-IP validation fails if TMSH is not enabled from the F5 BIG-IP UI for the user account.
Workaround: Enable TMSH for the user account to bypass the vRealize Network Insight F5 BIG-IP validation logic.
[NEW] In the Network Map model, Palo Alto rules with destination zone set to 'any', do not get applied to the same zone pair.
[NEW] In the Network Map path search, bidirectional path search queries destined to external IP addresses are truncated at the end of the forward path.
[NEW] When the content of an open alert changes, vRealize Network Insight does not show the new value in the alert details.
[NEW] In the Network Map, the entity details window of the distributed switches does not show alerts that are originated from intents.
[NEW] For VMware vSphere Distributed Switches (VDS), raw data information is not available in the Network Map UI. If you click on the VDS links from the path search option of the Network Map, the UI becomes unresponsive.
Workaround: Refresh the browser to use the Network Map again.
[NEW] While running the RESTAPI service, no users are found in the configuration store. Due to this, the NSX configurations are not created.
[NEW] In the Applications on Edges widget of the VeloCloud Enterprise page, you may see the "Encountered an error" message.
Workaround: Contact VMware Support for the resolution.
You cannot see the unprotected flows for the Kubernetes service in the Micro-Segmentation Planning page.