vRealize Network Insight 6.4 | 12 Oct 2021| Build 1633067610 Check for additions and updates to these release notes.

What's in the Release Notes

The release notes cover the following topics:

• What's New
• Product Upgrade 
• Documentation
• VMware Product Compatibility
• VMware MIB Files
• Resolved Issues
• Known Issues

What's New

Here are the key features and capabilities of vRealize Network Insight 6.4:

Network Assurance and Verification

• Provides support for Cisco ASR 1000 and ISR 4000 models.
• Provides support for Cisco N2K (FEX).

VMware NSX-T Monitoring and Troubleshooting

• Supports VMware NSX-T security SKU (DFW on DVPG).
• Supports VMware NSX-T Federation deployments with visibility into global VMware NSX-T entities and cross-site VM-VM path.

VMware Cloud

• Introduces a new dashboard for the VMware Cloud on Dell EMC SDDC.
• Expands search functionality to include VMware Cloud on Dell EMC as a first-class entity and displays search results for both VMware Cloud SDDC and VMware Cloud on Dell EMC SDDC entities when searched for VMC SDDC.
• Supports flow search for different types of VMware Cloud entities including VMware Cloud and VMware Cloud on Dell EMC.
• Shows a list of VMware Cloud SDDCs and Policy Managers under the VMware Cloud section in the left navigation pane or in the homepage banner.
• Introduces a VMware Cloud dropdown with different types of VMware Cloud data sources in the Accounts and Data Sources workflow.
• Supports VMware Cloud on Dell EMC multi-rack.

VMware SD-WAN

Provides intent-driven analytics for continuous monitoring and troubleshooting of the network and application performance related issues:

• Provides ability to monitor and troubleshoot Edge uplink performance across some or all branches with insights to following:
  • QoE, jitter, latency, packet drops, and link uptime insights to troubleshoot applications and network performance degradation issues
• Provides ability to monitor and troubleshoot applications performance at specific Edge or all/multiple Edges with insights to following:
  • Packet drop and Round trip time for application performance degradation troubleshooting
• Provides ability to monitor and troubleshoot applications utilization at all VMware SD-WAN site
  • Traffic rate and Bandwidth utilization insights for selected applications at any particular Edge/Link

Platform Enhancements

• Introduces Streaming Databus to subscribe to real-time problem alerts and application changes.
• Supports adding notes in alerts and intents definitions. Use notes to mention contacts, further instructions, or other additional information when an alert is raised.

Application Discovery Improvements

• Provides support to export discovered applications as .csv and control the attributes that are part of the exported file.
• Provides an option to reconfigure platform when the flow based application discovery limits are reached.

ServiceNow Integration enhancements

• Provides instructions for ServiceNow integration capabilities based on the configured ServiceNow user permissions.
• Supports post-import application filtering to remove unwanted applications imports in vRealize Network Insight.

Others

• Adding vRealize Log Insight as a data source in vRealize Network Insight is deprecated in 6.4 as vRealize Network Insight directly works with NSX-T notification mechanisms to provide alerts and change information.
• Upgrade vRealize Network Insight using CLI is deprecated in 6.4. You can upgrade your setup using Online Upgrade or Single-Click Offline Upgrade.
• To install and upgrade vRealize Network Insight by using vRealize Suite Lifecycle Manager, see the vRealize Suite Lifecycle Manager Installation, Upgrade, and Management Guide.

Product Upgrade

The supported upgrade path is available at https://interopmatrix.vmware.com/#/Upgrade?productId=285.

Refer to the Upgrading vRealize Network Insight section for more information on the upgrade procedure.

Documentation

For additional information about new features, see the vRealize Network Insight documentation.

• Installing vRealize Network Insight
• Using vRealize Network Insight
• vRealize Network Insight FAQs
• vRealize Network Insight Command Line Interface Guide
• vRealize Network Insight API Guide

Note: As you use the vRealize Network Insight documentation, we want you to know that we value inclusion at VMware. To foster this principle within our customers, partners, and internal communities, we have updated some terminology in our documentation.

VMware Product Compatibility

The VMware Product Interoperability Matrix provides details about the compatibility of vRealize Network Insight with other VMware products.

VMware MIB Files

For MIB information, see Determining the MIB module listing, name, and type of an SNMP OID. You can download the SNMP MIB module file from the VMware Knowledge Base Article: 1013445.

Resolved Issues

• While running the RESTAPI service, no users are found in the configuration store. Due to this, the NSX configurations are not created intermittently.

• The HSRP/VRRP Configuration Error intent is not supported for Cisco ASR 9000 devices.

• Before upgrade, if the VeloCloud Edge Down Alert is open, the following two queries does not work after you upgrade the setup:

  • VeloCloud Edge Down Alert where Edge is set
  • VeloCloud Edge Down Alert where Edge = <EdgeName>

• If you type subnet address as CIDR notation in the Network Map path search, vRealize Network Insight might return an invalid result or traffic header outside the range of the subnet address.

• The Exclude criteria does not work for Console Access Password Protection Intent.

• Certain error messages do not change text as per the browser locale settings.

• ESXi hosts peered with a physical switch might have port type missing in the vRealize Network Insight model. Port mode mismatch intent does not raise an alert when that information is missing.

• When multiple STP ports configured on a single device that do not have a corresponding co-located HSRP/VRRP active, the HSRP/STP colocation intent raises a violation for only one interface from a set of 'n' interfaces.

• When HSRP/VRRP is configured with different virtual IP addresses for the same HSRP/VRRP group in two devices, the HSRP/VRRP Configuration Error intent misclassifies the misconfiguration as "Single HSRP/VRRP device found" for each of the misconfigured HSRP/VRRP interfaces instead of classifying the misconfiguration as "2 Active Master Interfaces".

• The enable_all and disable_all properties are ignored in the IPFIX request of the post and put calls for adding and updating the vCenter data source via public API.

• During vRealize Network Insight 6.3 deployment, the Copy Link on the Add collector VM page incorrectly points to vRealize Network Insight 5.3.0 download page.

  Download the vRealize Network Insight 6.3.0 collector OVA file from the Product Download page.

• Some of the real-time alerts will not be delivered to your Email or SNMP if you get the "Realtime stream processing has failed" error.

  To resolve the error, restart the REST API service on all the Platform nodes.

• In Network Map, during Paths search, traffic entering access ports may show both untagged traffic and traffic tagged with the access VLAN of the port. The second class of traffic may be incorrect for some data sources.

• After you upgrade to version 6.3, you may get "Data collection failed due to an error" or "Invalid Credentials" error message for VMC NSX Manager data source.

  Contact VMware Support for the resolution.

• After you upgrade to vRealize Network Insight 6.2, you may find some of the manually created applications show zero members. This problem occurs if the application member VM names contain space. 

  Workaround: To resolve this issue, see KB 85637.

• The Mail Server Configuration settings are not available in vRealize Network Insight.

• Unable to Collect data from the vRealize Network Insight collector as the collector crashes or shows a memory full error.

• Changes in the flow count are not reflected on the VMware NSX-T Manager.

• Layer 7 flows generated using the custom ports are not displayed in vRealized Network Insight.

• Unable to add the Huawei CE6865 data source in vRealize Network Insight.

• Unable to add the DNS BIND files to vRealize Network Insight due to the "Cannot acquire lock as other user request with id [***] dns upload operation in progress" error.

• Infrastructure health reports as poor due to a large SDM dropped data procesing error.

• Every occurrence of GenericReferenceProcessor and DeleteEntityProgram causes the Logical Switch to get bulky and this results in a high grid lag.

• After adding the Cisco UCS Manager as a data source, the ESXi hosts are not linked to the to UCS Manager.

• Multiple STP roots are supported in the HSRP/VRRP Active STP Root Colocation intent.

• For Arista and Dell devices, Port Mode Mismatch intent does not generate false alert for port-channels.

Known Issues

• [NEW] If Panorama fails to commit configuration changes to a Palo Alto gateway, vRealize Network Insight will continue to use the latest configuration present in Panorama, which may not be in sync with the policies enforced by the Palo Alto gateway.

• [NEW] The paths via tunnels if the ECMP (Equal Cost Multi Path routing) is enabled, may overlap with each other.

   

• [NEW] In case of Federation, vCenter must be added as a compute manager in VMware NSX-T for the global entity enrichment to work properly.

   

• [NEW] Some complex VM-VM paths in a VMware NSX-T Federation setup may exhibit cross-lines. Use the path labels to understand the path topologies for such paths.

• [NEW] Firewall masking event does not work for the Global firewall rule and the Applied To field is missing for Global Gateway Firewall Rules.

• [NEW] ServiceNow changed the data-modelling and storing of data for the applications discovered by the Service Mapping plugin with the Discoverable by Service Mapping configuration option. This change is not supported in vRealize Network Insight for ServiceNow based application discovery. vRealize Network Insight still supports applications discovered by Service Mapping with the Manual Endpoint configuration option.

• [NEW] Global Rules spanning across site do not show up in VM-VM path.

• [NEW] Under the Status column of the Application dashboard, some applications saved from the Flows application discovery tab show the error 'Unable to update application'. This is due to an issue in the data processing layer and this error does not affect the applications. You can use applications showing this error for planning, micro-segmentation, and troubleshooting without any issues.

• [NEW] If a data source is incorrectly shut down or restarted, then the corresponding thread pool is discarded, and this does not schedule new processes like collection of metrics.

  Restart the collector service to free the unused threads and reallocate them.

• [NEW] Invalid credentials error can occur on the VMware NSX-T data source if the VMware NSX-T added to vRealize Network Insight is upgraded.

  Re-enter the credentials.

• [NEW] Updates in the organization name done using the VMware Cloud Services Portal are not reflected in Fractal API response, as there is no data synchronization mechanism between the VMware Cloud Services Portal and the Fractal API. Fractal API returns the old organization name causing an inconsistency between the vRealize Network Insight and the VMware Cloud Services Portal organization name.

• [NEW] If UAA as OpenID Connect (OIDC) provider is enabled in VMware Tanzu Kubernetes Grid Integrated Edition, an 'Invalid data source config' error is shown in the VMware Tanzu Kubernetes Grid Integrated Edition data source.

• When HSRP/VRRP interface on the Active device goes down or is administratively down, the HSRP/VRRP Configuration Error intent does not raise an alert for the violation.

• When HSRP/VRRP interfaces at two devices are configured with the same matching Virtual IP address but have the protocol Group ID misconfigured, the HSRP/VRRP Configuration Error intent misclassifies that as "2 Active Master interfaces", instead of classifying it as 'Master interface doesn't know Standby'. 

• You cannot edit the SD-WAN Edge Uplink Utilization intents if you have set the is outside range threshold condition under the exception category.

  Re-enter the same values for “is outside range” condition.

• When the content of an open alert changes, vRealize Network Insight does not show the new value in the alert details.

• In the Network Map, the entity details window of the distributed switches does not show alerts that are originated from intents.

• You cannot see the unprotected flows for the Kubernetes service in the Micro-Segmentation Planning page.