NSX Identity Firewall working intermittently. NSX Context Engine not running on ESXi host.
Article ID: 317869
VMware NSX
Symptoms: NSX Identity Aware Firewall is functioning intermittently while utilizing NSX Guest Introspection for the detection of network events.
While the NSX Context Engine on an ESXi host is running, the identity firewall functions as intended. While the service is not running, the identity firewall does not function.
Error messages like the following appear in the ESXi syslog:
NSX-Context-Engine: [ERROR] (EPSEC) [8720425] ASSERT: /build/mts/release/bora-11038418/vss/app/nsx-ctxteng/main/IDFW.cpp:307: EPSecQueryProcessInfo: 0x6
If the NSX Context Engine receives imperfect information from the network event driver it can lead to the NSX Context Engine stopping over a period of time. If this occurs, the NSX Context Engine will stay stopped until manually restarted.
The imperfect information being supplied to the NSX Context Engine is not indicative of a network driver malfunction. It can occur as a result of network processes on the Guest OS which start and stop on a sub-second timeline.
This is a known issue affecting many versions of NSX. This issue is resolved in NSX 6.4.6.
You may contact VMware GSS NSX Support for a temporary workaround until upgrading is possible.
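Because the Context Engine stays stopped until it is manually restarted, identity firewall rules on that host silently stop working, so it helps to alert on the assert. The following Python script is an added example, not part of the VMware article: it scans forwarded ESXi syslog lines for the signature quoted above and counts hits per host. The `<timestamp> <host>` prefix, the sample lines and the function names are assumptions.

```python
import re
from collections import defaultdict

# Assert signature as quoted in this article. The number in square brackets is
# matched but not interpreted; the article does not say what it identifies.
ASSERT_RE = re.compile(
    r"NSX-Context-Engine: \[ERROR\] \(EPSEC\) \[\d+\] ASSERT: "
    r"(?P<path>\S+):(?P<line>\d+): (?P<func>\w+): (?P<code>0x[0-9a-fA-F]+)"
)

def find_asserts(lines):
    """Return one dict per syslog line that carries the Context Engine assert."""
    hits = []
    for raw in lines:
        m = ASSERT_RE.search(raw)
        if not m:
            continue
        # Assumed collector layout: "<timestamp> <host> <message>".
        prefix = raw[:m.start()].split()
        hits.append({
            "host": prefix[1] if len(prefix) >= 2 else "unknown",
            "source": m["path"].rsplit("/", 1)[-1] + ":" + m["line"],
            "function": m["func"],
            "code": int(m["code"], 16),
        })
    return hits

def hosts_to_check(lines):
    """Map host -> assert count; the engine may be stopped on these hosts."""
    counts = defaultdict(int)
    for hit in find_asserts(lines):
        counts[hit["host"]] += 1
    return dict(counts)

# Message text from the article; timestamps and host names below are constructed.
MSG = ("NSX-Context-Engine: [ERROR] (EPSEC) [8720425] ASSERT: "
       "/build/mts/release/bora-11038418/vss/app/nsx-ctxteng/main/IDFW.cpp:307: "
       "EPSecQueryProcessInfo: 0x6")
SAMPLE = [
    "2019-01-01T10:00:00Z esx-a.example " + MSG,
    "2019-01-01T10:00:05Z esx-b.example Hostd: constructed unrelated line",
    "2019-01-01T10:07:12Z esx-a.example " + MSG,
    MSG,  # no prefix at all: host falls back to "unknown"
]

if __name__ == "__main__":
    for host, n in sorted(hosts_to_check(SAMPLE).items()):
        print(f"{host}: {n} assert(s); verify the NSX Context Engine is running")
```
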