VMware NSX

Hello community

We have to migrate Datacenter from location in two different sites
we have NSX-T Federation 3.2.0 to manage the migration of the two sites and we want to export the groups, services, rules, etc. from DFW on the other site

Unfortunately, in version 3.2.0 of NSX-T for Federation, when configuring Site A's location manager, the option to import discovered objects from Site A's local manager to the NSX-T Global Federation Manager is disabled.

Unfortunately upgrading NSX-T from 3.2.0 to 3.2.1 is impossible for us because my environment is very large (about 2500 VMs) and the migration process takes a long time.

We use NSX-T only for security functions and I use it to implement DFW rules

Is there a way to export these objects from NSX-T Site A to NSX-T Site B, either through a VMware tool, a 3rd party tool, some scripts that can help us through API calls or using PowerCLI, or some Work Around to do this task?

I would appreciate any information related to this topic.

Hi,

You can use RestNSX as a third party tool but it will cost associated with it. There are couple of helper scripts for DFW backup and restore which you can give a try.

Use file - nsx-dfw-backup-n-restore.py

Or, there is another blog by Luca to export dfw rules without exporting System Owned entries, which you can refer as well and using Patch API you can import exported rules.

Blog - https://lucacamarda.wordpress.com/2020/08/20/exporting-the-nsx-t-dfw-configuration-via-the-policy-api/

Script Location - https://github.com/lcamarda/blog/blob/master/nsxt_export_dfw.py

Please note, these are community scripts and as with any script, should be well tested before running in production to avoid any unfore.

Thanks  

The lucamarada scripts served my purpose of exporting the DFW rules.

Cheers

Many thanks for the tips