Virtualization and Cloud

VCF 9 Lab Network Pre-Requisites — Farrukh Hanif Technical Blog  |  VCF 9 Home Lab Series VCF 9 Lab Network Pre-Requisites Arista Switch Configuration, VLAN Design & Full End-to-End Validation Farrukh Hanif  |  NSX/VCF Engineer, NatWest Group  |  April 2026 VCIX6-NV  ·  VCP-VCF9  ·  VCAP-NV Design  ·  VCAP-DCV  ·  CKS  ·  CKA  ·  AWS SA Pro VCF 9 NSX-T Arista EOS vSAN OSA eBGP LACP Jumbo Frames NFS Home Lab Introduction This post is part of an ongoing series documenting the build-out of a physical VCF 9 home lab from scratch. Before a single VCF installer OVA is deployed, the physical network layer needs to be correct — VLANs present, MTUs consistent end-to-end, BGP uplinks reachable, and NFS accessible from the management domain. If any of these are wrong at day zero, VCF deployment will fail in ways th...

Upgrading NSX Manager in a Federated VCF Environment | Farrukh's Tech Blog VMware VCF · NSX Federation · Deep Dive Upgrading NSX Manager in a Federated VCF Environment A step-by-step architect's guide for upgrading NSX 4.1.2.3 → 4.2.3.1 when SDDC Manager has no visibility of Global Managers — and why sequence is everything. ● VCF 5.x ● NSX Federation 4.1.2.3 → 4.2.3.1 April 2025 Upgrading NSX in a standard VCF workload domain is a well-understood workflow — SDDC Manager owns the lifecycle, orchestrates the upgrade bundle, and walks you through a pre-check → upgrade → validation loop. But introduce NSX Federation — with its Global Manager / Local Manager topology — and that comfortable automation suddenly has a blind spot: SDDC Manager has no visibility of Global Managers whatsoever . Get the sequence wrong, and you can en...

NSX Deep Dive — Architecture Series NSX Profiles: The Complete Reference from 4.x to VCF 9 NSX VCF 9 Architecture Security April 2026 · 12 min read If you have spent any time deploying NSX, you will have encountered profiles — and you will know that the variety and overlap between them can be genuinely confusing the first time you map them all out. Which profile controls my TEP VLAN? Where do I enforce anti-spoofing? Why do I have both a Segment Security profile and a SpoofGuard profile? This post cuts through that confusion with a structured walkthrough of every profile type, what it does, and how it fits into the broader fabric of an NSX deployment. We also cover what has changed — and what has been confirmed as different — with the arrival of VCF 9 and NSX 9. Think of NSX profiles as reusable configuration templates. Rather than configuring MTU, teaming, or security policy on each individual port or host, you define a profile once and apply it consistent...