NSX-T Data Center Capacity Dashboard generates alarm: Saved Firewall Rules Configuration has reached 101%
search cancel

NSX-T Data Center Capacity Dashboard generates alarm: Saved Firewall Rules Configuration has reached 101%

book

Article ID: 322614

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

In the NSX-T Data Center Alarms, you are presented with an error:
Saved Firewall Rules Configuration has reached 101%
The Distributed Firewall still has the default setting of Auto Save Drafts enabled.

Auto drafts has a maximum limit of 100 drafts.
Once the limit of 100 drafts is reached, the oldest auto draft will get purged automatically, to allow the new draft to be created, this process ensures the maximum limit of 100 auto drafts.
Once the auto draft count reaches 100, it never goes below 100 due to the cyclical nature.
Capacity dashboard has an alarm for Distributed Firewall auto drafts, this alarm has a threshold of 70%, so once there is 70 or more auto drafts, it will trigger as an alert.
Once it reaches 100% (100 auto drafts), it will trigger an ERROR.


Environment

VMware NSX-T Data Center
VMware NSX-T Data Center 3.x

Resolution

Ultimately no action required, as cyclical process (first in first out) will maintain the 100 auto drafts.
However, if you wish the alarm to discontinue, the issue is resolved in NSX-T Data Center 3.1.2.
The capacity dashboard does not monitor the number of auto drafts, as it will never go beyond 100.