VMware NSX newly created segments attached to T0 are not seen in routing table
search cancel

VMware NSX newly created segments attached to T0 are not seen in routing table

book

Article ID: 322664

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

  • You have a Tier 0 logical router.
  • You create a new segment and attach it to the Tier 0.
  • Checking the routing table of the Tier 0 SR/DR the subnet for the segment is not present.
  • Existing segments already joined to the Tier 0 and showing fine.
  • You have routing prefix list configured using a length greater than 32.
  • In the /var/log/rcpm/frr_logs/frrfailedcfg.<date/time>.txt file you see entries similar to the following:
ip prefix-list a6e35d49-####-####-####-6aa27ced4100 seq 20 deny 0.0.0.0/96 le 128

Note: The frrfailedcfg.<date/time>.txt logs are contained in a tar.bz2 tarball and will need to be extracted to view them.
  • In the /var/log/rcpm/frr-reload.log file you see the following entries:
ERROR: Command '['/usr/bin/vtysh', '-m', '-f', '/config/vmware/edge/frr/frrbasecfg.txt']' returned non-zero exit status 2.

Environment

VMware NSX 4.x
VMware NSX-T Data Center 3.x

Cause

The IPv4 prefix length is configured with a invalid length, there was incorrect validation on this and once the invalid length is entered, it means the frr process is unable to load the configuration, therefore new configurations added since the invalid prefix was added will also fail to be added.

Note: In the above log it was less than or equal to (le) 128, it can not be anything greater than 32 for IPv4 and 128 for IPv6, this also includes greater than or equal to (ge) values.

Resolution

This issue is resolved in VMware NSX 4.2.0

Workaround:
Review the prefix length in the Tier 0 Routing - IP Prefix Lists and correct invalid lengths.
For details on configuring IP Prefix List, please review the Administration Guide.