Step 5: Create NSX-T Group and Service Chain
An NSX-T group and service chain must be created to redirect network traffic to the GigaVUE Cloud Suite. An NSX-T group defines which VMs are to be monitored. The service chain associates the GigaVUE Cloud Suite and map profile to the group.
Create Service Chain
The steps presented in this section create a service chain with the source virtual machines defined as the virtual machines in the applied groups. Additional configurations of the service chain are available. For additional details on creating security policies, refer to the “Service Composer” chapter of the NSX Administration Guide.
To create the service chain in NSX-T:
- Select Security > Network Introspection (E-W) and then click SERVICE CHAINS tab.
- On the SERVICE CHAINS tab, click ADD CHAIN.
- On the New Service Chain, do the following:
- In the Name and Description fields, enter name and description for the service chain, respectively.
- For Service Segments, select a service segment.
- Click Forward Path and a Set Forward Path dialog box appears.
- Select a Service Profile for Forward Path.
- For Reverse Path, select or deselect the Inverse Forward Path to define the direction of the traffic.
- For Failure Policy, specify whether to allow or block the service chain.
- Click Save. A Service Chain is created.
The new Service Chain is then updated in the NSX-T Virtual Maps page of GigaVUE‑FM.
Create Group
A group should be created that contains the VMs to forward NSX-T network traffic to the GigaVUE Cloud Suite.
To create the group, do the following in the NSX-T:
- In NSX-T, select Inventory > Groups. The Groups page appears.
- On the Groups page, click ADD GROUP.
- On the New Group, enter or select the values as follows.
- Enter a name for the new group.
- Click Set Members and the Select Members dialog box appears.
- Add or select Membership Criteria, Members, IP/MAC Addresses, and AD Groups.
- Enter the description for the group.
- Click Save and then a group is created and appears on the Groups page.
Create and Publish a Policy
A Policy is a set of rules defined to filter the traffic. A Policy is to be created and published for passing the traffic from NSX-T to the configured tunnel endpoint.
To create and publish a policy in NSX-T:
- Select Security > Network Introspection (E-W) and then click RULES tab.
- On the RULES tab, click ADD POLICY.
- On the New Policy, enter or select the values as follows:
- Enter a name for the policy.
- Select the Sources of the traffic.
- Select the Destinations of the traffic.
- Select the Services for the traffic.
- For Applied To field, select the appropriate groups.
- On Action field, specify whether to redirect the traffic or not.
- Click Publish. On publishing the rule/policy you can view the traffic flow from the V Series nodes to the tunnel endpoint.