My colleague Dale wrote about the addition of the Filter Hash property introduced in NSX 6.2.4. This helps identify the the filter used on the vNIC. His examples show the ability to use the CLI to determine it.
The filter hash provides a reference to a DFW filter placed upon a vNIC. In Dale’s article it can be easily show with come commands. If you are logging Distributed Firewall rules the output is included in it. You could use the Filter Hash as a way to determine a source of a rule. This could be useful when a Virtual Machine may have numerous IP addresses on a vNIC. This could be the case in terms of a loopback or a Virtual IP.
The following value highlighting the filter hash is as follows:
Field Name: vmw_nsx_firewall_filterhash
Extracted value: Integer -?\d+
Pre context: dfwpktlogs:
Post context: INET
This will highlight the filter hash. The hash can be used in dashboards below:
- Unique number of hashs
- Hash, src, dst and port