VMware Networking Community
vmsysadmin20111
Enthusiast
Enthusiast
‎03-02-2022 10:08 AM
Jump to solution

NSX-T 3.2 - No Distributed Port Group found

Hello all,

I have NSX-T 3.2 installed, the ESXi cluster is enabled for Distributed Security and Overlay Networking, however the regular vDS portgroups are not discovered.

vmsysadmin20111_0-1646244251565.png

vmsysadmin20111_1-1646244457595.png

 

From the 3.2 Security Guide: "Starting NSX-3.2 release NSX supports vSphere Distributed Switch (VDS) 7.0 & 6.7 for security only usecase, where by user can define distributed security policies for workloads connected to Distributed Virtual Port-groups(DVPG)."

 

Does this mean that if the cluster configured for the overlay networking, the Distributed Security on the standard vDS portgroups is not available? The documentation wording is very confusing. Can someone please clarify?

 

Thanks!

Tags (1)
0 Kudos
1 Solution

Accepted Solutions
CyberNils
Hot Shot
Hot Shot
‎03-07-2022 12:33 AM
Jump to solution

You can't use both on the same VDS. Not sure where this is documented though, but saw it on an internal VMware presentation and also told by VMware.



Nils Kristiansen
https://cybernils.net/

View solution in original post

5 Replies
jeffersonc47
Enthusiast
Enthusiast
‎03-02-2022 10:26 AM
Jump to solution

I've had the same issue. There's a QuickStart wizard that you can use for security only use cases on a vDS (https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.2/administration/GUID-E9FBE567-D136-41AF-B8D6-...). I've used that successfully. However it build all the profiles and such for me. If I want to do overlay also and build custom profiles, I can't get the vDS port groups to show up.

0 Kudos
vmsysadmin20111
Enthusiast
Enthusiast
‎03-04-2022 01:00 PM
Jump to solution

So nobody knows for sure if the Distributed Security on the vDS and overlay networking are mutually exclusive? Hello? VMware employees??

0 Kudos
CyberNils
Hot Shot
Hot Shot
‎03-07-2022 12:33 AM
Jump to solution

You can't use both on the same VDS. Not sure where this is documented though, but saw it on an internal VMware presentation and also told by VMware.



Nils Kristiansen
https://cybernils.net/
vmsysadmin20111
Enthusiast
Enthusiast
‎03-07-2022 09:30 AM
Jump to solution

Thank you for confirming!

0 Kudos
nreyesv79
VMware Employee
VMware Employee
‎12-15-2022 10:17 AM
Jump to solution

Not only you can't use on same vDS, the deployment mode are Security or Networking and Security, you can use only one of them, for Security only you can use vDS and PG to configure DFW rules, etc. For Net&Sec mode, you work as of today, only NSX-T segments can be used; it is documented on Reference Design Guide 3.2 v1.1.

Cheers