VMware NSX

We have dedicated uplinks on all our hosts for the NSX-T NVDS switch. The uplinks are formed from UCS B200 blade servers with dedicated NVDS vNICs consisting of vLAN groups. There are a number of vLANs which I'd like to check if they are still carrying traffic to the hosts' NVDS uplinks before I remove them from the UCS side. Is there an easy way to check if the vLANs are used from within the NSX-T portal? We have vCenter 7.0u3r, ESXi 7.0u3q and NSX-T 3.2.4.0.

Most of the vLANs have no attachment to VMs in the vCenter. However i believe in NSX-T you can create vLANs which don't "appear" to be used in vCenter however still carry traffic thru NSX?

Hello,

In the NSX-T Manager UI, you can go under Fabric-->Uplink Profiles and for each uplink profile you can clearly see the VLAN ID its using. Hope this answers what your looking for.

Regards

Sriram

We have dedicated uplinks on all our hosts for the NSX-T NVDS switch. The uplinks are formed from UCS B200 blade servers with dedicated NVDS vNICs consisting of vLAN groups. There are a number of vLANs which I'd like to check if they are still carrying traffic to the hosts' NVDS uplinks before I remove them from the UCS side. Is there an easy way to check if the vLANs are used from within the NSX-T portal? We have vCenter 7.0u3r, ESXi 7.0u3q and NSX-T 3.2.4.0.

Most of the vLANs have no attachment to VMs in the vCenter. However i believe in NSX-T you can create vLANs which don't "appear" to be used in vCenter however still carry traffic thru NSX?

Hello,

In the NSX-T Manager UI, you can go under Fabric-->Uplink Profiles and for each uplink profile you can clearly see the VLAN ID its using. Hope this answers what your looking for.

Regards

Sriram

We have dedicated uplinks on all our hosts for the NSX-T NVDS switch. The uplinks are formed from UCS B200 blade servers with dedicated NVDS vNICs consisting of vLAN groups. There are a number of vLANs which I'd like to check if they are still carrying traffic to the hosts' NVDS uplinks before I remove them from the UCS side. Is there an easy way to check if the vLANs are used from within the NSX-T portal? We have vCenter 7.0u3r, ESXi 7.0u3q and NSX-T 3.2.4.0.

Most of the vLANs have no attachment to VMs in the vCenter. However i believe in NSX-T you can create vLANs which don't "appear" to be used in vCenter however still carry traffic thru NSX?

Hello,

In the NSX-T Manager UI, you can go under Fabric-->Uplink Profiles and for each uplink profile you can clearly see the VLAN ID its using. Hope this answers what your looking for.

Regards

Sriram

We have dedicated uplinks on all our hosts for the NSX-T NVDS switch. The uplinks are formed from UCS B200 blade servers with dedicated NVDS vNICs consisting of vLAN groups. There are a number of vLANs which I'd like to check if they are still carrying traffic to the hosts' NVDS uplinks before I remove them from the UCS side. Is there an easy way to check if the vLANs are used from within the NSX-T portal? We have vCenter 7.0u3r, ESXi 7.0u3q and NSX-T 3.2.4.0.

Most of the vLANs have no attachment to VMs in the vCenter. However i believe in NSX-T you can create vLANs which don't "appear" to be used in vCenter however still carry traffic thru NSX?

What Sriram was trying to tell you Julian - if you dont have any VM connected to any of those portgroups in vSphere (which you could also see from within the NSX Segment UI), there could still be a possibility that a NSX Transport Node (for Overlay Traffic) could use this VLAN for Overlay traffic.

However i believe in NSX-T you can create vLANs which don't "appear" to be used in vCenter however still carry traffic thru NSX?

-> thats the case for Transport (or Overlay traffic with GENEVE, whatever term you prefer) or Routing VLANs from the T0-GWs. The latter ones though would have connected segment ports within those VLAN Segment visible in the NSX UI (Networking -> Segments).

For the Transport/Overlay traffic (GENEVE protocol) this could be checked as Sriram wrote, by looking at your Uplink Profiles and within those the Transport VLAN ID.

If you want to check, as you mentioned, ONLY if a VLAN is carrying traffic, just capture from UCS side if your VICs see any packets going through with those VLAN IDs, or at your physical layer. NSX is not a flow monitoring tool.

You could also use the ESXi CLI or NSXCLI and capture packets there to see if a VLAN ID is currently in use.

But what if that one ESXi is not at all, or not currently at that time when you are looking, still carrying traffic on that VLAN? 
IMHO checking if any segment port is still in use wthin NSX or if the VLAN is used for Transport is the best and quickest way.

BR
Steffen

https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.networking.doc/GUID-5CE50870-81A9-457E-BE56-C3FCEEF3D0D5.html

https://knowledge.broadcom.com/external/article/345925/troubleshooting-nsxt-using-packet-captur.html

https://spillthensx.com/nsx-t-data-path-troubleshooting-using-nsxcli-capture/

https://vdc-download.vmware.com/vmwb-repository/dcr-public/8bc4a9b3-b4fb-447a-a97b-1452c22d6d5d/8537fe7f-36fd-4122-b1a4-fab306cc279d/cli_doc/index.html -> search for "packet capture"

Hello,

In the NSX-T Manager UI, you can go under Fabric-->Uplink Profiles and for each uplink profile you can clearly see the VLAN ID its using. Hope this answers what your looking for.

Regards

Sriram

We have dedicated uplinks on all our hosts for the NSX-T NVDS switch. The uplinks are formed from UCS B200 blade servers with dedicated NVDS vNICs consisting of vLAN groups. There are a number of vLANs which I'd like to check if they are still carrying traffic to the hosts' NVDS uplinks before I remove them from the UCS side. Is there an easy way to check if the vLANs are used from within the NSX-T portal? We have vCenter 7.0u3r, ESXi 7.0u3q and NSX-T 3.2.4.0.

Most of the vLANs have no attachment to VMs in the vCenter. However i believe in NSX-T you can create vLANs which don't "appear" to be used in vCenter however still carry traffic thru NSX?