First thing I would attempt for troubleshooting is to move all the VMs in a broken vApp to the same host, also move the vse-edge VM (if one exists for the vApp network).
Then test... If something is broken still, then it is not VCNI, but something else, maybe host firewall. However (and what I expect to see) is that all the VMs will work. If this is the case then take one of the VMs that has been broken, and move it to a different host (and each host in your cluster) ; see if it still works. That will tell you if one or more of the hosts is having issues talking on the VCNI VLAN.
All that said a second thing to check is to clear the ARP tables of the upstream routers, VCNI has some issues where the tables on some switches can get corrupt, a clear will tell you if that is the case. (I know for some switches we used in the past we had to tell the apr tables to clear often).
When all done take a look at if VxLan is an option for you, it really works much better.