Traceflow within NSX for VLAN backed Network
search cancel

Traceflow within NSX for VLAN backed Network

book

Article ID: 317776

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

To perform trace flow for the vlan-backed segment and to inspect the DFW Packets.

Symptoms:

By default, Traceflow within NSX is available only for NSX-T overlay segments.
Performing for VLAN Backed segments is not supported currently in versions 3.1.x and lower.
 
Error:
Traceflow request failed. The request might be cancelled because it took more time than normal. Please retry. Error Message: Traceflow intent /infrattraceflows/<xxx> realized on enforcement point /infraisitesidefault/enforcernent-points/default with error Traceflow does not support vlan switch for port: LogicalPort/<>/infra/segments/dvportgroup-<>/ports/default:<>
 

Environment

VMware NSX-T Data Center

Cause

By default, Traceflow within NSX is available only for NSX-T overlay segments also no option is available to enable for Vlan-backed network In-band Network Telemetry (INT) in NSX-T version 3.1.x and lower versions.

Resolution

Additional features have been enabled on the release of NSX-T 3.2.0.1 where we can perform Traceflow for VLAN-Backed Network, by enabling In-band Network Telemetry (INT).
 
Please be informed, by default Traceflow is permitted only for overlay-backed Segments..

Reference:

 
Steps to enable In-band Network Telemetry (INT) to trace VLAN backed network.
Step1:

GET https://<nsx mgr>/policy/api/v1/infra/ops-global-config
 
Sample Lab output:
 

Make a note of the _revision as we will use this for your next call.
Make a new call with the following information:
 
Step2:

PUT https://<nsx mgr>/policy/api/v1/infra/ops-global-config
 
Body:
{
    "display_name": "ops-global-config",
    "in_band_network_telementry": {
        "dscp_value": 2,
        "indicator_type": "DSCP_VALUE"
    },
    "path": "/infra/ops-global-config",
    "relative_path": "ops-global-config",
    "_revision": 0
}

Traceflow passes through for the same vlan-backed segment post enabling In-band Network Telemetry (INT).

 


Additional Information

If you are contacting Broadcom support about this issue, please provide the following:

  • NSX Edge log bundles for affected Edges in the Edge Cluster
  • Ensure log date range covers the full date of the event(s) being investigated. When in doubt, retrieve logs for all time.
  • NSX Manager log bundles
  • ESXi host log bundles for all hosts supporting affected Edge VMs
  • Text of any error messages seen in NSX GUI or command lines pertinent to the investigation

Handling Log Bundles for offline review with Broadcom support

Powered by Wolken Software