"root ruleset is empty" and "failed to find anchor rule" messages on an ESXi host prepared for NSX-T
search cancel

"root ruleset is empty" and "failed to find anchor rule" messages on an ESXi host prepared for NSX-T

book

Article ID: 322526

calendar_today

Updated On:

Products

VMware vDefend Firewall

Issue/Introduction

  • On the ESXi host, there are multiple log entries in the log file /var/run/log/vmkernel.log, as below:
2023-08-14T12:51:16.678Z cpu5:2102684)root ruleset is empty
2023-08-14T12:51:16.678Z cpu5:2102684)failed to find anchor rule
  • Service insertion (SI) filters are enabled.

Environment

VMware NSX-T Data Center 3.x

Cause

This log messages are observed when SI filter is created and occurs when there's a delay when pushing the configuration, whish leads to flood of logs entries.

Resolution

This issue is resolved in NSX-T Data Center 3.2.3

Powered by Wolken Software