Access List Control does not work when enabled for the first time on policy UI.
search cancel

Access List Control does not work when enabled for the first time on policy UI.

book

Article ID: 321535

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

  • Access List Control was configured on a virtual server for the first time referring to the following document: Add Layer 4 Virtual Servers
  • Traffic passes even though it is set to drop in the access list control.
  • In the /var/log/cloudnet/nsx-ccp.log, the following error is observed:
2023-02-08T13:18:39.150Z  WARN Owl-worker-2 ExecutorTask 21167 - [nsx@6876 comp="nsx-controller" level="WARNING" subcomp="owl"] Failed to process dataUpdate for listener RedistributionAppImpl, error message: vmware.nsx.nestdb.LbVirtualServerMsg and vmware.nsx.nestdb.UuidOpMsg mismatch: missing field container_id, error stack:java.lang.UnsupportedOperationException: vmware.nsx.nestdb.LbVirtualServerMsg and vmware.nsx.nestdb.UuidOpMsg mismatch: missing field container_id

Environment

VMware NSX 4.x
VMware NSX-T Data Center 3.x

Cause

CCP fails to send the updates of container_id, access_list_control, or log_significant_event_only to host side.   

Resolution

This issue is resolved in VMware NSX-T 3.2.3 and NSX 4.1.1, available at Broadcom downloads - VMware NSX or Broadcom downloads - VMware NSX-T Data Center.
If you are having difficulty finding and downloading software, please review the Download Broadcom products and software KB.


Workaround:

There are three options. This issue can be resolved by doing one of these things:

  • Turning the Access List Control off and turning it on again.
  • Create a clone from the virtual server.
  • Restart controller service on all managers.

Powered by Wolken Software