Traffic towards LB/NAT ip’s blackholed when edge split brain happens and recovers
Article ID: 318279
Updated On:
Products
VMware NSX
Issue/Introduction
This article is to provide information on a known issue that is seen in NSX-T 3.0.0
Symptoms:
Edges experience split-brain and recovers.
Upstream switch entries for the mac/ARP pointing towards standby edge.
Symptoms:
Edges experience split-brain and recovers.
Upstream switch entries for the mac/ARP pointing towards standby edge.
Environment
VMware NSX-T Data Center
VMware NSX-T Data Center 3.x
VMware NSX-T Data Center 3.x
Cause
1. This is a day1 issue.
2. LB/NAT IP addresses are handled as proxy-arp by edges.
3. When split-brain happens, standby edge sends GARP for all IP’s due to which upstream switch will update its mac table.
4. When split-brain recovers, Active edge doesn’t send GARP for arp proxy IP’s.
5. This leads physical switch to point entries to wrong interface connected towards Standby edge.
2. LB/NAT IP addresses are handled as proxy-arp by edges.
3. When split-brain happens, standby edge sends GARP for all IP’s due to which upstream switch will update its mac table.
4. When split-brain recovers, Active edge doesn’t send GARP for arp proxy IP’s.
5. This leads physical switch to point entries to wrong interface connected towards Standby edge.
Resolution
This issue is fixed in 3.0.1 release.
Workaround:
You can follow below should the behavior is seen
1. Wait for arp caches to expire on upstream device.
2. Manually clear the entries on customer switch.
3. If feasible, change ARP expiry timer to 1min.
Workaround:
You can follow below should the behavior is seen
1. Wait for arp caches to expire on upstream device.
2. Manually clear the entries on customer switch.
3. If feasible, change ARP expiry timer to 1min.
Additional Information
Impact/Risks:
No impact/risks
No impact/risks
Feedback
Yes
No
Powered by
