NAPP Behavior During Network Outage
search cancel

NAPP Behavior During Network Outage

book

Article ID: 369750

calendar_today

Updated On:

Products

VMware vDefend Firewall VMware vDefend Firewall with Advanced Threat Prevention

Issue/Introduction

During a network maintenance window, whether NAPP can be left running during this migration or it needs to be shut down.

Below are some of the maintenance scenarios :

Here are some examples of network maintenance that may impact NAPP:

Network switch upgrades: Upgrading or replacing network switches can cause a brief outage or disruption to NAPP.
Router maintenance: Performing maintenance on routers, such as upgrading firmware or replacing hardware, can cause a brief outage or disruption to NAPP.
Network segmentation changes: Changing network segmentation or VLAN configurations can cause NAPP to experience connectivity issues or downtime.
Network interface changes: Changing network interface settings, such as IP addresses or subnet masks, can cause NAPP to experience connectivity issues or downtime.
Network device restarts: Restarting network devices, such as switches or routers, can cause a brief outage or disruption to NAPP.
Network firmware updates: Updating firmware on network devices can cause a brief outage or disruption to NAPP.
Network configuration changes: Making changes to network configurations, such as changing DNS or DHCP settings, can cause NAPP to experience connectivity issues or downtime.
Network security updates: Applying security patches or updates to network devices can cause a brief outage or disruption to NAPP.
Network monitoring and troubleshooting: Performing network monitoring and troubleshooting activities, such as packet captures or network scans, can cause a brief outage or disruption to NAPP.
Network infrastructure upgrades: Upgrading or replacing network infrastructure, such as upgrading to a new network core or edge device, can cause a brief outage or disruption to NAPP.

 

Environment

NAPP 4.1.2 / 4.1.2.1

Resolution

No shutdown procedure is needed for NAPP during the migration. NAPP can be left running and will automatically recover once the network connectivity is restored.

When network connectivity is lost , NAPP will experience the following issues:


(1) Unresponsive NAPP UI (via NSX):  The NAPP UI will be unresponsive and inaccessible via the NSX console or web interface. This issue will be observed on the NSX management plane.


(2) Alarms are generated: Alarms will be generated in the NSX management plane, indicating that the NAPP is experiencing issues due to the loss of network connectivity.


(3) TN Flow Exp Disconnected: The TN Flow Export (TNE) will be disconnected, causing any ongoing flows to be terminated. This issue will be observed on the NSX data plane.


(4) NAPP status degraded: The NAPP status will be degraded, indicating that the system is not functioning properly due to the loss of network connectivity. This issue will be observed on the NSX management plane.


(5) Manager disconnected: The NSX manager will be disconnected from the NSX management plane, causing any ongoing management tasks to be terminated. This issue will be observed on the NSX management plane.


(6) Management channel to TN down: The management channel between the NAPP manager and the NSX management plane will be down, preventing any management tasks from being performed. This issue will be observed on the NSX management plane.

(7) Control channel to TN down: The control channel between the NAPP controller and the NSX data plane will be down, preventing any control plane operations from being performed. This issue will be observed on the NSX data plane.

(8) Metrics delivery failure: Metrics delivery from the NAPP to the NSX management plane will fail, causing any ongoing monitoring and reporting to be terminated. This issue will be observed on the NSX management plane.

(9) Controller & Worker nodes show as down: The NAPP controller and worker nodes will show as down, indicating that they are not functioning properly due to the loss of network connectivity. This issue will be observed on the NSX management plane.

(10) Pods are in Pending/CLBO state: The NAPP pods will be in a pending or CLBO (Container Lifecycle Bootstrapping) state, indicating that they are not functioning properly due to the loss of network connectivity. This issue will be observed on the NSX management plane


When network connectivity is restored, the controller and worker nodes will come back online, followed by the pods stabilizing and the NAPP UI becoming accessible again.