[VMC] Previous IP address of VM displayed in inventory of Management/Compute groups

search cancel

[VMC] Previous IP address of VM displayed in inventory of Management/Compute groups

book

Article ID: 313651

calendar_today

Updated On:

Products

VMware Cloud on AWS

Issue/Introduction

When adding a virtual machine to Management/Compute groups the previously assigned IP address of the virtual machine is displayed in the inventory of the groups as a member.

Environment

VMC on AWS

Cause

A segment with SpoofGuard approves a new IP address in TOFU (Trust On First Use) mode and retains IP addresses internally as a trusted one.

Resolution

This is expected behavior in NSX.
There is no option to disable Trust On First Use (TOFU) in a VMC on AWS SDDC.
As a workaround:
- Move the vNIC of the virtual machine from one segment to another segment.
- Then, move the vNIC of the virtual machine back to the original segment.
- This will cause the virtual machine to lose network connectivity temporarily.

Additional Information

Understanding IP Discovery Segment Profile
Virtual machines in an NSX for vSphere firewall security group retain IP addresses after power-cycle or have been assigned a new vnic

Feedback

thumb_up Yes

thumb_down No