Introduction
Recently I was checking an issue for one of our customers, where NSX edges were not sending logs to their configured syslog server. I found the issue interesting and decided to write a blog post about it to clear up the ambiguity around DNS configuration on the NSX edge.
Issue
After making sure that connectivity was available and the required ports were open between the NSX edges and the syslog server, I checked the configuration of the NSX edge and found that the syslog server was configured using an FQDN and not an IP address.
The NSX edge was unable to resolve the FQDN of the syslog server and was therefore failing to send logs to it.
As per the below VMware article, the syslog server must be configured as an IP address, because the ESG/DLR Control VM does not get configured with a DNS resolver.
https://docs.vmware.com/en/VMware-NSX-for-vSphere/6.4/com.vmware.nsx.troubleshooting.doc/GUID-C31DAAB8-FB4A-419E-8F4A-5E61266FB0FD.html
However, this can be solved by configuring a DNS client via the REST API.
Resolution
First, it is vital to clarify the points below:
The DNS server specified in the NSX edge UI is for DNS relay and caching, not for DNS resolution by the edge itself.
If you want your edge to resolve a syslog FQDN, you need to configure a DNS client via the REST API call below.
So, we solved our issue by configuring a DNS client for the NSX edge via a REST API call, as follows:
After running the REST API call, you will receive a “204 No Content” status indicating that the PUT REST call has been executed successfully.
You should now be able to resolve the syslog server FQDN successfully from the NSX edge appliance.
Thanks for reading,
Hope this post is informative,
Mohamad Alhussein