NSX Guest Introspection VMs Network Port Requireme...

mrdlnf80 · ‎09-13-2016

Hi All,

I have a requirement to put Guest Introspection VMs in different subnet with vCenter, ESXi and NSX Manager. My question is what is the network port requirement between GI VMs and vCenter/ESXi/NSX Manager? I am trying to search in the KB but just found this KB https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=20793... and there is no information regarding the network port between GI VMs and vCenter/NSX/ESXi.

Thanks alot

yantothen · ‎09-20-2016

Hi,

Based on my understanding:

- Like NSX Manager, NSX Controller and NSX Edge, GI SVM is excluded from DFW.

- Communication between GI SVM and ESXi host that it is running on is internal communication, I am not sure why you need to know this for your deployment as the traffic is not going out of the ESXi host.

Nevertheless, there is this 'epsec-mux' driver on the ESXi host that provide the internal communication between the GI SVM and the thin agent running on the VM (part of VMware Tools).

- GI SVM needs to communicate with NSX Manager with RABBITMQ (TCP Port 5671).

- There seems to be no direct communication between GI SVM with vCenter, but I may be mistaken and the experts in this community may be able to provide more information on this..

Thanks,

yantothen

blog.ipcraft.net

All

NSX Guest Introspection VMs Network Port Requirement