VCF Operations for Networks: No flow data received for NSX-managed Distributed Virtual Port Groups (dvPGs)
Article ID: 435346
Updated On:
Products
Issue/Introduction
VCF Operations for Networks is unable to retrieve any flow data, and packet captures conducted at the Collector node show no UDP packets are being received on port 2055.
- NOTE: Flow data is sent from workloads on ESXi hosts attached to a vDS to the VCF Operations for Networks Collector, via UDP protocol, on port 2055.
Additional packet captures on the ESXi hosts verify that no UDP 2055 packets are being transmitted on the vmkernel interface that has Management services enabled.
NOTE: VCF Operations for Networks was formerly named Aria Operations for Networks (AON), and prior to that was named vRealize Network Insight (vRNI).
Environment
VCF Operations for Networks 6.14
Cause
vCenter may or may not be configured as a data source with IPFIX enabled.
- IPFIX is the feature associated with flow data being sent to VCF Operations for Networks Collectors.
However, if the vCenter is configured as a data source with IPFIX enabled, the vDS distributed Port Groups (dvPGs) of interest may be managed by NSX.
If the NSX Manager has not been configured as a data source with IPFIX enabled, this prevents IPFIX packets from being sent from ESXi hosts attached to the vDS for those specific networks.
Resolution
- Log into vCenter and select the Networking icon view
- For each vDS (Virtual Distributed Switch), examine the dvPGs (Distributed Virtual Port Groups) below the switch.
- Any of the dvPGs managed by NSX will have a small letter "N" attached to the icon, as in the screen shot below
- Log into the VCF Operations for Networks and select Settings --> Accounts and Data Sources
- Add the NSX Manager as a data source and configure IPFIX.
- This ensures flow data for any workload attached to an NSX-managed dvPG is sent from the ESXi hosts that are attached to the vDS, to the VCF Operations for Networks Collector.
- This ensures flow data for any workload attached to an NSX-managed dvPG is sent from the ESXi hosts that are attached to the vDS, to the VCF Operations for Networks Collector.
- Add the vCenter as a data source and configure IPFIX for the dvPGs that are strictly not managed by NSX.
- This ensures flow data for any workload attached to a dvPG that is not managed by NSX, is sent from the ESXi hosts that are attached to the vDS, to the VCF Operations for Networks Collector.
- Log into vCenter and select the Networking icon view
Additional Information
Reference documentation can be found at Tech Docs - Add VMware vCenter Server and Tech Docs - Add VMware NSX Manager
Further information on using packet capture techniques can be found in KB 423172 - No Flows are receiving flows from data sources in VCF Operations for Networks
Packet capture techniques for packets exiting ESXi hosts can be found in KB 341568 - Packet capture on ESXi using the pktcap-uw tool
Feedback
