Hey,

I have been playing around with vRNI last week and before I am going to write an article about some use cases and about the features I am first going to tell you what I had to do to actually make it work.

Detailed steps for this exercise are found on my wiki because I believe this can be better documented in wiki format.

One very important thing is that IPFIX traffic needs to be able to flow from wherever to the vRNI proxy.
Of course IPFIX needs to be enabled as well and if everything goes right vRNI will enable IPFIX and do the necessary things in order to make it work the moment you configure Data Sources.

For me this was unfortunately not the case.

After troubleshooting this with some internal VMware guys it appeared that vRNI did not automatically created the firewall rule to permit UDP/2055 (IPFIX).
After removing / re-enabeling the DataSource a few times the rule still was not added.

So I decided to add it in myself.
So I used google again and I stumbled onto this and this article.

Adding a rule to the ESX server by altering the /etc/vmware/firewall/rules.xml file will not make the change persistent.
When the host gets a reboot the newly added rule will be deleted.

So I used Google again and I stumbled onto this and this article.

Even tough this is documented I still thought this could be documented in a better fashion so this where the steps that I took to add the IPFIX rule in and make it persistent:

  1. Download Download SUSE Linux Enterprise Server 11 SP2
  2. Install SUSE Linux Enterprise Server 11 SP2
  3. Install the prerequisites for installing the VIB Author fling
  4. Install the VIB Author fling
  5. Create the directory structure needed
  6. Create a descriptor.xml file
  7. Create the .xml file with the actual firewall rule
  8. Create the VIB and offline VIB
  9. Get the VIB of the SUSE Linux Enterprise Server and place it on the ESX Host
  10. Install the VIB
  11. Verify if the firewall rule is there

Detailed steps for this exercise are found on my wiki because I believe this can be better documented in wiki format.

 

Comments are closed.