During NSX-T upgrade, ESXi host may experience a PSOD
search cancel

During NSX-T upgrade, ESXi host may experience a PSOD

book

Article ID: 322419

calendar_today

Updated On:

Products

VMware NSX Networking

Issue/Introduction

Symptoms:
  • You are upgrading NSX-T from an NSX-T version less than 3.2.0 to version 3.2.0 or higher.
  • You are using the In-Place option to upgrade the ESXi hosts.
  • You have configured policy based routing with HCX.
  • On the ESXi host, running net-vdr --policyTable -l will show results such as, which indicate HCX policy routing is enabled:
#net-vdr --policyTable -l
Policy Tables
Id Name Ref
--- ------------------------------ ---
5 8926fa40-f856-4379-b237-3e17a67a73fc 25
Policy Table ID 5 Information
#net-vdr --policy -l -B 5
 
Policy Table 5
Destination GenMask Flags Ref Action HitCount
----------- ------- ----- --- ------ --------
0.0.0.0 0.0.0.0 1 allow 0
10.0.0.0 255.0.0.0 1 allow 0
172.16.0.0 255.240.0.0 1 allow 0
192.168.0.0 255.255.0.0 1 allow 0
Policy count = 4
============================================================================================
Dumping DR FL tables
============================================================================================
IPv4 FLE entries
FL Table Dump.


Environment

VMware NSX-T

Cause

When policy routing is configured with HCX and you are doing an In-Place upgrade, this can trigger a PSOD on the ESXi host.
Note: For further details on HCX policy routing Mobility Optimized Networking Policy Route

Resolution

This is a known issue impacting NSX-T data center.

Workaround:
When doing the NSX-T upgrade, instead of an inplace upgrade, use maintenance mode for the ESXi hosts upgrade.
or
In HCX if possible, you can disable the policy routing before the upgrade.