NSX-T password reset

In NSX-T, a password reset is done through the GRUB menu. By default the GRUB menu is not enabled; it has to be enabled from root mode. Before resetting the password for NSX-T Manager, first check which NSX-T version is in use.

Step1: Enable GRUB menu when you have root password

Step2: Reset password once you have GRUB mode enabled

Step3: Enable GRUB menu when root password is forgotten

The above steps are described in detail below.

Step1: Enable GRUB menu when you have root password.

The GRUB menu is enabled by logging in to root mode, so the root mode password is required.
However, if you have the root mode password, you can easily reset the admin password without bothering about GRUB at all. So it seems like a chicken-and-egg problem.
Follow the VMware document below that matches your NSX version to enable the GRUB menu.
https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.0/installation/GUID-4630C9D5-71FB-4991-AC1D-9FDBA0B86120.html
https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.1/installation/GUID-4630C9D5-71FB-4991-AC1D-9FDBA0B86120.html
https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.2/installation/GUID-4630C9D5-71FB-4991-AC1D-9FDBA0B86120.html

Check whether GRUB is enabled in the grub file located at /etc/default/grub. Note: if you see any value in front of the keyword GRUB_TIMEOUT or GRUB_HIDDEN_TIMEOUT, it means the GRUB menu is enabled.
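The check described above as a small shell function, added here as an example and not taken from the VMware documentation or the original post. It applies the rule stated on this page (an uncommented GRUB_TIMEOUT or GRUB_HIDDEN_TIMEOUT line that carries a value); the function names and the sample file content are constructed for illustration.

```shell
#!/bin/sh
# Example helper (hypothetical names): apply this page's rule to a grub defaults file.

# Print KEY=VALUE for every uncommented GRUB_TIMEOUT / GRUB_HIDDEN_TIMEOUT line
# that has a non-empty value. Commented-out lines, empty values and look-alike
# keys such as GRUB_TIMEOUT_STYLE are ignored.
grub_timeout_values() {
    sed -n -E 's/^[[:space:]]*(GRUB_(HIDDEN_)?TIMEOUT)=[[:space:]]*"?([^"#[:space:]]+)"?.*$/\1=\3/p' "$1"
}

# Exit status 0: at least one timeout key is set (menu enabled per the page's rule)
# Exit status 1: neither key is set
# Exit status 2: file missing or unreadable
grub_menu_enabled() {
    [ -r "$1" ] || return 2
    [ -n "$(grub_timeout_values "$1")" ]
}

# Constructed sample content, not copied from a real NSX-T appliance.
sample=$(mktemp)
cat > "$sample" <<'EOF'
GRUB_DEFAULT=0
#GRUB_HIDDEN_TIMEOUT=0
GRUB_TIMEOUT=4
GRUB_TIMEOUT_STYLE=menu
EOF

if grub_menu_enabled "$sample"; then
    echo "GRUB menu enabled: $(grub_timeout_values "$sample")"
else
    echo "GRUB menu not enabled"
fi
rm -f "$sample"
```

On an appliance, call `grub_menu_enabled /etc/default/grub` from a root shell.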

Step2: Reset password once you have GRUB mode enabled.

Once GRUB mode is enabled, you can easily reset the password by following the document below. Note that you must authenticate with the GRUB password before you reset the root and admin passwords.

Each version of NSX-T has its own GRUB password. Follow the links below to check the GRUB password and the reset steps.

https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.2/administration/GUID-8816B842-2EC4-40A8-A618-F68DB29FABD2.html

https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.1/administration/GUID-8816B842-2EC4-40A8-A618-F68DB29FABD2.html

https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.0/administration/GUID-8816B842-2EC4-40A8-A618-F68DB29FABD2.html

In case you forget both the root and admin passwords and want to reset them, the only option is to enable the GRUB menu. Follow the steps below to enable GRUB.

Note: this is not an officially recommended procedure; the steps mentioned below are taken from the website https://thefluffyadmin.net/?p=1455


TCPdump commands and parameter

Today we will cover the tcpdump tool. Tcpdump is a packet analyzer, just like Wireshark.
It runs in the command line interface. It helps you capture data packets at a low level to understand what is going on inside each packet.
You can run tcpdump on Linux/Unix based operating systems.

Syntax for tcpdump
tcpdump <parameter>

e.g. tcpdump -i eth0

Basic parameters of tcpdump
-i: Specify the network interface to listen on
-c: Number of packets to capture
-w: Write the captured packets to a file for later analysis
-r: Read packets from a file instead of capturing from a network interface
-n: Do not resolve hostnames, display IP addresses only
-X: Display both hexadecimal and ASCII representations of packet data
-v: Increase verbosity level
-e: Print the link-level header on each dump line
-q: Quiet output, print less information

Operators in tcpdump:
– and, && : used to concatenate two parameters
– or, || : the or operator, used to match any one of the mentioned parameters
– not, ! : negates the mentioned parameter
– <, > : less than, greater than

Let's take some examples.
Let's capture packets on the eth0 interface, for a count of 4 packets, in default mode.
I will not use any other parameter.
1. tcpdump -i eth0 -c 4

You can see we don't have any header details here, so let's add the -e parameter to display the link layer header.

Now you can see the header details, MAC address and ether type. Let's add the -n parameter; this will show IP addresses instead of host names in our packet capture.

Now we see the source and destination as IP addresses instead of hostnames. To get more details about the header we can add the -v parameter.

If you want to see more details about the header, keep adding more verbose -v parameters.

Now I want to write these packet details into a file, so that I can read it later or open it in Wireshark. Let's use the -w parameter to write the tcpdump packets to a file. I will save the file with the name test.pcap.

Read this file test.pcap by using the -r parameter.

By default, the read parameter does not show all packet header details. Use the verbose parameter and other parameters to see details.

A few examples of different combinations

1. Capture using MAC address filter.

2. Capture all packets with IP address 192.168.110.70

3. Capture packets with IP address 192.168.110.70 & 192.168.110.70. Here either one can be source or destination.

4. Capture packets with source IP address

5. Capture packets with destination IP address

6. Capture packets of source and destination IP address

7. Capture packets by ports

8. Capture packets on IP and ports

9. Capture using the or operator, or a combination of the or and and operators

10. Capture using protocol address

11. Using the not operator to filter traffic

12. Capture packets for a range of ports

13. Capture packets of specific networks
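The operators listed earlier and the combined filters in examples 8, 9 and 11 interact in a way worth seeing in code: in tcpdump filter syntax, not binds tightest, while and and or have equal precedence and associate left to right, so an or group needs parentheses, and the whole filter should be passed as one quoted argument so the shell does not interpret them. The helpers below are an added example, not commands from the original post; the function names and the port numbers are constructed, and 192.168.110.70 is the address used in the list above.

```shell
#!/bin/sh
# Example helpers (hypothetical names) that compose tcpdump capture filters.

# all_of CLAUSE...  -> clauses joined with "and" (empty clauses are skipped)
all_of() {
    out=""
    for clause in "$@"; do
        [ -n "$clause" ] || continue
        out="${out:+$out and }$clause"
    done
    printf '%s\n' "$out"
}

# any_of CLAUSE...  -> "( a or b )"; the parentheses keep the group together
# when it is later combined with "and"
any_of() {
    out=""
    for clause in "$@"; do
        [ -n "$clause" ] || continue
        out="${out:+$out or }$clause"
    done
    printf '( %s )\n' "$out"
}

# none_of CLAUSE...  -> "not ( a or b )"
none_of() { printf 'not %s\n' "$(any_of "$@")"; }

# capture IFACE COUNT FILTER [FILE]: run tcpdump with the filter as ONE argument
capture() {
    iface=$1; count=$2; filter=$3; file=${4:-}
    set -- -i "$iface" -n -c "$count"
    if [ -n "$file" ]; then set -- "$@" -w "$file"; fi
    tcpdump "$@" "$filter"
}

ip=192.168.110.70                      # address from the examples above
web=$(any_of "port 80" "port 443")     # constructed sample ports
flt=$(all_of "src host $ip" "$web" "$(none_of arp icmp)")
echo "$flt"
# Without the parentheses, "src host $ip and port 80 or port 443" would also
# match port 443 traffic from every other host.
# Usage (needs root and a live interface): capture eth0 4 "$flt" test.pcap
```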

ESXi command lists

1. NIC, drivers, stats, vmk, port_num related commands

2. Switch related commands

3. NIC, vmk, up, down, LACP related commands

4. Module related commands

5. NSX firewall related commands

6. ESX routing related commands

7. VDR, vDL2 related commands

1. NIC, drivers, stats, vmk, port_num related commands

esxcli network nic list

Check the physical vmnics associated with the host. This shows all the physical vmnic adapters and their state, including the Admin and link status.

esxcli network nic get -n vmnic<vmnic_number>

This command shows more details about a physical vmnic adapter, such as firmware version, driver, negotiation details etc.

esxcli network nic stats get -n <vmnic_number>

Now let's say a customer has an issue in their environment: intermittent packet drops at host level, or some other problem specific to a host or vmnic. In that case you can run this command and check the active counters for dropped receive/transmit packets.

net-stats -l

Get the port number of a particular VM. This portNum can be used to take a packet capture on the VM port or to get the VM portNum stats. The command can be used with grep to find the portNum of a specific VM.

esxcli network port stats get -p <port_number of particular VM>

Use the PortNum of the VM to check the stats of the VM ports. Run this

NSX-T Upgrade step by Step

NSX-T upgrade from 3.2.1 to 3.2.2

Today we will perform an NSX-T upgrade and go through its operations.

  1. Overview
  2. Upgrade coordinator
  3. Precheck
  4. Upgrade edge
  5. Upgrade host
  6. Upgrade management/controller
  7. Post check
  8. Rollback
  9. Log review in case of any issue.
  10. Summary

1. Overview

The NSX-T upgrade process depends on the number of components you have in your infrastructure. Before proceeding with the upgrade you must check the upgrade path and the interop matrix for your NSX-T upgrade. Check whether each component in your infrastructure is compatible with the new NSX-T version.

https://interopmatrix.vmware.com/Interoperability

The upgrade path shows whether an NSX-T upgrade from your current version to the target version is supported. In our case the target version is 3.2.1.1

https://interopmatrix.vmware.com/Upgrade

Check the known issues and resolved issues for this version of NSX-T. You will find these details in the VMware release notes.


HTTP Archive(HAR) File

HAR stands for HTTP Archive. It is a file format used to capture network/API information exchanged between browsers and web/application servers.

It is also used for identifying performance issues such as slow load times, page rendering problems etc.

The HAR file information is stored in JSON format, which means that to visualize the details we need a tool that can view the JSON inside the HAR file. Such tools are called HAR viewers.

Steps to proceed with HAR file.

1. Capture the HAR file details in the browser

2. Save the HAR file

3. Analyze the HAR file


NSX-T Architecture


The diagram depicted above is a high-level NSX-T architecture that I will explain today.

The NSX Manager and its cluster communicate with transport nodes through the APH server (Application Proxy Hub).

All transport nodes connect to the NSX-T components using the NSX-Proxy service.

Transport nodes connect to NSX-Manager on port 1234 and to the CCP (central control plane) on port 1235.

NSX-T has its own NSX-RPC, used for message queuing between the manager and the transport nodes.

Before NSX-T 2.5, or in NSX-V, the RabbitMQ message queuing protocol was used for communication between the manager and ESXi nodes.
