VM ports are blocked in an NSX environment
Article ID: 324217
Updated On:
Products
VMware NSX Networking
Issue/Introduction
Symptoms:
- NSX 3.2.x
- The environment at one time ran NSX version 3.1.1
- VMs on a specific segment lose networking due to their ports being blocked
- On ESXi, the command net-dvs shows the VM port is blocked e.g.
net-dvs
port f11a84aa-920c-4371-8b11-0834389c6a4d:
com.vmware.common.port.alias = f11a84aa-920c-4371-8b11-0834389c6a4d , propType = CONFIG
com.vmware.common.port.connectid = 1676471471 , propType = CONFIG
com.vmware.common.port.block = true , propType = CONFIG
com.vmware.common.port.backingType = nsx , propType = CONFIG
port f11a84aa-920c-4371-8b11-0834389c6a4d:
com.vmware.common.port.alias = f11a84aa-920c-4371-8b11-0834389c6a4d , propType = CONFIG
com.vmware.common.port.connectid = 1676471471 , propType = CONFIG
com.vmware.common.port.block = true , propType = CONFIG
com.vmware.common.port.backingType = nsx , propType = CONFIG
- NSX Manager syslog has an exception similar to this example
2023-02-15T11:50:45.694Z ERROR providerTaskExecutor-43 LogicalSwitchServiceImpl 2730 SWITCHING [nsx@6876 comp="nsx-manager" errorCode="MP8005" level="ERROR" subcomp="manager"] Identifier LogicalSwitch/6bc7310d-7aa6-44d0-b9da-8fdf9b3018b1 specified in the create call for entity LogicalSwitch already exists in the system.
2023-02-15T11:50:45.694Z ERROR providerTaskExecutor-43 PolicyProviderUtil 2730 POLICY [nsx@6876 comp="nsx-manager" errorCode="PM500015" level="ERROR" subcomp="manager"] Unexpected exception received during provider invocation.
com.vmware.nsx.management.switching.common.exceptions.SwitchingException: null
at com.vmware.nsx.management.switching.logicalnetwork.service.LogicalSwitchServiceImpl.validateLogicalSwitch(LogicalSwitchServiceImpl.java:593) ~[?:?]
at com.vmware.nsx.management.switching.logicalnetwork.service.LogicalSwitchServiceImpl.create(LogicalSwitchServiceImpl.java:690) ~[?:?]
at com.vmware.nsx.management.policy.providers.switching.SegmentProviderNsxT.createLogicalSwitchOnNSX(SegmentProviderNsxT.java:915) ~[?:?]
at com.vmware.nsx.management.policy.providers.switching.SegmentProviderNsxT.handleConnectivityChange(SegmentProviderNsxT.java:410) ~[?:?]
at com.vmware.nsx.management.policy.providers.switching.SegmentProviderNsxT.handleSegmentChange(SegmentProviderNsxT.java:251) ~[?:?]
2023-02-15T11:50:45.694Z ERROR providerTaskExecutor-43 PolicyProviderUtil 2730 POLICY [nsx@6876 comp="nsx-manager" errorCode="PM500015" level="ERROR" subcomp="manager"] Unexpected exception received during provider invocation.
com.vmware.nsx.management.switching.common.exceptions.SwitchingException: null
at com.vmware.nsx.management.switching.logicalnetwork.service.LogicalSwitchServiceImpl.validateLogicalSwitch(LogicalSwitchServiceImpl.java:593) ~[?:?]
at com.vmware.nsx.management.switching.logicalnetwork.service.LogicalSwitchServiceImpl.create(LogicalSwitchServiceImpl.java:690) ~[?:?]
at com.vmware.nsx.management.policy.providers.switching.SegmentProviderNsxT.createLogicalSwitchOnNSX(SegmentProviderNsxT.java:915) ~[?:?]
at com.vmware.nsx.management.policy.providers.switching.SegmentProviderNsxT.handleConnectivityChange(SegmentProviderNsxT.java:410) ~[?:?]
at com.vmware.nsx.management.policy.providers.switching.SegmentProviderNsxT.handleSegmentChange(SegmentProviderNsxT.java:251) ~[?:?]
Environment
VMware NSX-T Data Center 3.x
VMware NSX-T Data Center
VMware NSX-T Data Center
Cause
The exception is due the parent segment having the realizationObjectId value as NULL which was present since 3.1.1.
As a result SegmentProviderNsxT tries to create a new segment, instead of updating existing segment and fails.
Every port created on this segment after this issue starts will go into a blocked state on host.
As a result SegmentProviderNsxT tries to create a new segment, instead of updating existing segment and fails.
Every port created on this segment after this issue starts will go into a blocked state on host.
Resolution
This is a known issue, there is currently no resolution.
Workaround:
To workaround this issue a new segment can be created to replace the problem segment.
Alternatively to resolve and keep using the problem segment, please open a Support Request with VMware Support.
Workaround:
To workaround this issue a new segment can be created to replace the problem segment.
Alternatively to resolve and keep using the problem segment, please open a Support Request with VMware Support.
Feedback
Yes
No
Powered by
