Which table on an ESXi host is used to determine the location of a particular workload for a frame-forwarding decision?
The MAC table on an ESXi host is used to determine the location of a particular workload for a frame-forwarding decision. The MAC table maps the MAC addresses of the workloads to their corresponding tunnel endpoint (TEP) IP addresses. The TEP IP address identifies the ESXi host where the workload resides. The MAC table is populated by learning the source MAC addresses of the incoming frames from the workloads. The MAC table is also synchronized with other ESXi hosts in the same transport zone by using the NSX Controller.
https://nsx.techzone.vmware.com/resource/nsx-reference-design-guide
An NSX administrator is using ping to check connectivity between VM1 running on ESXi1 to VM2 running on ESXi2. The ping tests fails. The administrator knows the maximum transmission unit size on the physical switch is 1600.
Which command does the administrator use to check the VMware kernel ports for tunnel end point communication?
The commandvmkping ++netstack=geneve -d -s 1572 <destination IP address>is used to check the VMware kernel ports for tunnel end point communication. This command uses the geneve netstack, which is the default netstack for NSX-T. The-doption sets the DF (Don't Fragment) bit in the IP header, which prevents the packet from being fragmented by intermediate routers. The-s 1572option sets the packet size to 1572 bytes, which is the maximum payload size for a geneve encapsulated packet with an MTU of 1600 bytes. The<destination IP address>is the IP address of the remote ESXi host or VM.References: : VMware NSX-T Data Center Installation Guide, page 19. : VMware Knowledge Base: Testing MTU with the vmkping command (1003728). : VMware NSX-T Data Center Administration Guide, page 102.
An NSX administrator Is treating a NAT rule on a Tler-0 Gateway configured In active-standby high availability mode. Which two NAT rule types are supported for this configuration? (Choose two.)
According to the VMware NSX Documentation, these are two NAT rule types that are supported for a tier-0 gateway configured in active-standby high availability mode. NAT stands for Network Address Translation and is a feature that allows you to modify the source or destination IP address of a packet as it passes through a gateway.
Destination NAT: This rule type allows you to change the destination IP address of a packet from an external IP address to an internal IP address. You can use this rule type to provide access to your internal servers from external networks using public IP addresses.
Source NAT: This rule type allows you to change the source IP address of a packet from an internal IP address to an external IP address. You can use this rule type to provide access to external networks from your internal servers using public IP addresses.
Which three security features are dependent on the NSX Application Platform? (Choose three.)
According to the VMware NSX Documentation, these are three of the security features that are dependent on the NSX Application Platform:
NSX Firewall: This feature provides distributed firewalling and micro-segmentation capabilities for network and application security. It allows you to create and enforce granular firewall rules based on various criteria such as identity, context, or tags.
NSX Distributed IDS/IPS: This feature provides distributed intrusion detection and prevention capabilities for network and application security. It allows you to detect and block malicious traffic based on signatures, behaviors, or anomalies.
NSX Network Detection and Response: This feature provides advanced threat detection and response capabilities for network and application security. It includes features such as Distributed Intrusion Detection and Prevention (IDS/IPS), Web Reputation Analysis, File and Process Analysis, and NSX Advanced Threat Prevention.
Which command Is used to test management connectivity from a transport node to NSX Manager?
A)
B)
C)
D)
According to the web search results, the command that is used to test management connectivity from a transport node to NSX Manager isget managers. This command displays the status, IP address, and thumbprint of the NSX Manager that the transport node is connected to. It also shows the connection state, which can be UP or DOWN. If the connection state is DOWN, it means that there is a problem with the management connectivity .
Currently there are no comments in this discussion, be the first to comment!