- General Workflow
- play_arrow Apstra GUI
- play_arrow Design
- Logical Devices (Datacenter Design)
- Interface Maps (Datacenter Design)
- Rack Types (Datacenter Design)
- Templates (Datacenter Design)
- Config Templates (Freeform Design)
- play_arrow Configlets (Datacenter Design)
- play_arrow Property Sets (Datacenter Design)
- TCP/UDP Port Aliases (Datacenter Design)
- Tags (Design)
- play_arrow Devices
- Device Configuration Lifecycle
- play_arrow Managed Devices
- play_arrow System Agents
- play_arrow Pristine Configuration
- play_arrow Telemetry
- play_arrow Apstra ZTP
- play_arrow Resources Introduction
- play_arrow Datacenter Reference Design
- Create / Delete Datacenter Blueprint
- Datacenter Blueprint Summary and Dashboard
- Assign Physical Resources (Datacenter)
- Assign Device Profiles
- play_arrow Configlets (Datacenter Blueprint)
- Topology (Datacenter)
- play_arrow Nodes (Datacenter)
- Assign Device (Datacenter)
- Unassign Device (Datacenter)
- Set Deploy Mode (Datacenter)
- Generic Systems vs. External Generic Systems
- Add Generic System
- Add External Generic System
- Add Access Switch
- Update Node Tags
- Update Port Channel ID Range
- Edit Hostname (Datacenter)
- Edit Generic System Name
- Edit Device Properties (Datacenter)
- View Node's Static Routes
- Delete Node
- play_arrow Links (Datacenter)
- Add Links to Leaf
- Add Links to Spine
- Add Links to Generic System
- Add Links to External Generic System
- Add Leaf Peer Links
- Form LAG
- Break LAG
- Update LAG Mode
- Update Link Tags
- Update Link Speed
- Update Link Properties
- Delete Link (Datacenter)
- Import / Export Cabling Map (Datacenter)
- Edit Cabling Map (Datacenter)
- Fetch Discovered LLDP Data (Datacenter)
- play_arrow Racks (Datacenter)
- play_arrow Pods (Datacenter)
- play_arrow Planes (Datacenter)
- play_arrow Virtual Networks
- play_arrow Routing Zones
- Static Routes (Virtual)
- Protocol Sessions (Virtual)
- Data Center Interconnect (DCI) / Remote EVPN Gateways (Virtual)
- play_arrow Virtual Infra (Virtual)
- play_arrow Endpoints Overview (Virtual)
- play_arrow Policies (Datacenter) Staged
- Logical Devices (Datacenter Blueprint)
- Interface Maps (Datacenter Blueprint)
- play_arrow Property Sets (Datacenter Blueprint)
- AAA Servers (Datacenter Blueprint)
- Tags (Datacenter Blueprint)
- Tasks (Datacenter) Staged
- play_arrow Connectivity Templates
- play_arrow Primitives
- Virtual Network (Single) Primitive
- Virtual Network (Multiple) Primitive
- IP Link Primitive
- Static Route Primitive
- Custom Static Route Primitive
- BGP Peering (IP Endpoint) Primitive
- BGP Peering (Generic System) Primitive
- Dynamic BGP Peering Primitive
- Routing Policy Primitive
- Routing Zone Constraint Primitive
- User-defined
- Pre-defined
- Create Connectivity Template for Multiple VNs on Same Interface (Example)
- Create Connectivity Template for Layer 2 Connected External Router (Example)
- Assign Connectivity Template
- Edit Connectivity Template
- Delete Connectivity Template
- play_arrow Active (Datacenter Blueprint)
- BGP Route Tagging
- play_arrow Freeform Reference Design
- Create / Delete Freeform Blueprint
- Freeform Blueprint Summary and Dashboard
- Topology (Freeform)
- play_arrow Systems (Freeform)
- Device Context (Freeform)
- play_arrow Links (Freeform)
- play_arrow Resource Management
- play_arrow Config Templates (Freeform Blueprint)
- Import Device Profile (Freeform)
- play_arrow Property Sets (Freeform Blueprints)
- play_arrow Tags (Freeform Blueprint)
- Tasks - Staged (Freeform)
- play_arrow Active
- Commit Blueprint
- Time Voyager
- play_arrow Analytics
- Configure Auto-Enabled Dashboards
- Instantiate Predefined Dashboard
- Create Analytics Dashboard
- Edit / Delete Dashboard
- Anomalies (Analytics)
- Widgets Overview
- Create Anomaly Heat Map Widget
- Create Stage Widget
- Edit / Delete Widget
- Probes
- Instantiate Predefined Probe
- Create Probe
- Import / Export Probe
- Edit / Delete Probe
- play_arrow Providers (External Systems)
- play_arrow Platform
- play_arrow User/Role Management (Platform)
- play_arrow Security (Platform)
- Syslog Configuration (Platform)
- Receivers (Platform)
- Global Statistics (Platform)
- Event Log (Platform)
- play_arrow Apstra VM Clusters
- play_arrow Developers (Platform)
- play_arrow Juniper Technical Support
- Favorites & User
- play_arrow Apstra Server Management
- Monitor Apstra Server via CLI
- Restart Apstra Server
- Reset Apstra Server VM Password
- Reinstall Apstra Server
- Apstra Database Overview
- Back up Apstra Database
- Restore Apstra Database
- Reset Apstra Database
- Migrate Apstra Database
- Replace SSL Certificate on Apstra Server with Signed One
- Replace SSL Certificate on Apstra Server with Self-Signed One
- Change Apstra Server Hostname
- Apstra CLI Utility
- play_arrow Guides
Hypervisor and Fabric VLAN Config Mismatch Probe (Virtual Infra)
Hypervisor & Fabric VLAN Config Mismatch Probe Overview
| Purpose | Calculate VLAN mismatch between configured virtual networks on leaf devices and VLANs needed by VMs running on hypervisors attached to leaf devices. (Formerly known as Virtual Infra VLAN Match). Detects misconfiguration of hypervisor trunk logical switches when VLAN tag is configured inside a VM (not on the bridge itself) (as of Apstra 4.1.0). | ||||||||||||||||
| Source Processors |
| ||||||||||||||||
| Additional Processor(s) |
|
Usage with NSX-T Integration
- From the blueprint, navigate to Analytics > Probes
and click Hypervisor & Fabric VLAN Config Mismatch in
the probe name list to go to its details. When the VLANs between the data center
fabric and the NSX-T transport nodes match, then the probe looks similar to the
image below:
- Click the Fabric VLAN Configs stage to show the VLANs
tagged towards NSX-T transport nodes on fabric ToR leaf devices as shown below:
- Click the Common in Fabric and Hypervisor stage to show
that VLANs in the NSX-T transport nodes and the fabric match.
If the VLAN defined in the Uplink Transport Zone used for BGP peering is modified
in the NSX-T Manager, then VLAN mismatch anomalies are raised. 
Some other reasons for mismatching include the following:
- If the configured VLAN NSX-T transport node is missing in the fabric.
- If the configured VLAN NSX-T transport node is in the fabric, but the end VMs or servers are not part of this virtual network or VLAN.
- If a segment is created in NSX-T for either an overlay or VLAN-based transport zone. It could be that the configured VLAN spanning the logical switch/segment on the transport node is missing on the fabric.
- If L2 bridging for VMs in different overlay logical segments is broken because one VM exists in one logical switch/segment and the other VM exists in a separate uplink logical switch/segment.
As an example, a VLAN is missing in NSX-T 3.0 Host Transport node on the Overlay
segment connected to ToR leaf devices and respective VXLAN VN is present in
Juniper Apstra Fabric and ports towards Hypervisors are assigned in a Virtual
Network based Connectivity Template as below: 
A Hypervisor missing VLAN Configs anomaly is raised as
shown below: 
In some scenarios, a VLAN mismatch anomaly can be remediated. If so, the Remediate Anomalies button appears on the probe details page as shown in the screenshot above. Example scenarios include:
- NSX-T transport nodes use an uplink profile to define transport VLAN over which overlay tunnel comes up. Fabric could be missing the rack-local VN for transport VLAN on hypervisors. One-click remediation can be provided by creating a new rack-local virtual network with the proper VLAN ID in the fabric.
- A rack-local virtual network is defined with VLAN ID Y, however, the connected virtual infra nodes (i.e hypervisors) do not have the VLAN ID in the logical segment/switch. One-click remediation can be provided by removing the endpoint from the affected VLAN ID.
If the Remediate Anomalies button appears under the stage
name, you can click it to automatically stage the changes required to remediate
the anomaly. You can see the staged changes on the
Uncommitted tab. 
Review the staged configuration, add any necessary resources (such as IP subnet address, virtual gateway IP, as so on), then commit the configuration.
Usage with VCenter Integration
Some anomalies, that are raised because of a VLAN config mismatch between vCenter and the fabric, can automatically be remediated, such as the following.
- If the vCenter Distributed Virtual Switch (vDS) port group does not have a corresponding rack-local VN (VLAN) for VLAN ID X. With one-click remediation, a new rack-local virtual network (VLAN) with the proper VLAN ID is created.
- If endpoint X in a rack-local VN with VLAN ID Y, does not have a corresponding dVS port group. With one-click remediation, the endpoint is removed from the affected VLAN ID.
Note
vCenter vDS must be used with VLAN specific ID allocation on the port group for L2 network segmentation at the hypervisor level.
A VLAN-based rack-local virtual network is extending each VLAN segment defined on the vDS, across servers within the same rack. For example, vDS port group VLAN 10 = rack-local virtual network with VLAN 10.
For more information about this probe, from the blueprint, navigate to Analytics > Probes, click Create Probe, then select Instantiate Predefined Probe from the drop-down list. Select the probe from the Predefined Probe drop-down list to see details specific to the probe.
