Symptoms:

• A portgroup on a vSphere Distributed Switch (VDS) has significantly higher Capacity and Used ports than is expected based on the number of VMs and interfaces connected to the portgroup
• The Ports tab for a portgroup under Home -> Inventory -> Networking in the vSphere Client shows a high number of ports with no Name or Connectee but that appear to be Used ports based on the port stats reported on the Summary tab for the portgroup
• There is a high number of "orphaned" ports associated with a VDS portgroup
• This issue has been observed when there is a high number of Horizon instant clone provisioning failures in the environment

VMware ESXi 5.5.x

vSphere operations performed against the vSphere Distributed Switch such as VM reconfigure, create, clone, or create instant clone all reserve a port prior to starting the respective operation.  If the operation fails after the port has been reserved, the port may not be reclaimed in the vCenter UI or the port allocation display for the portgroup and the port can become "orphaned".  If there are a high number of these types of failures in a short period of time, the number of ports allocated to the distributed portgroup can increase.  This is typically observed in environments that have VMs with a high rate of provisioning operations, such as Horizon instant clone environments.

It is recommended to use Static port binding with Elastic port allocation for environments with a high rate of VM configuration change or VM provisioning operations.  This will allow vCenter to dynamically adjust the number of ports associated with the portgroup to accommodate new VMs as needed.  For more information, see section Edit General Distributed Port Group Settings in the vSphere Networking Guide.

Resolving the issue requires first identifying and correcting the cause of the VM provisioning or configuration failures leading to the orphaned ports and then calling the refreshPortState vCenter API to reclaim the orphaned ports.  Identifying and resolving the cause of the provisioning failures is out of the scope of this article.

The refreshPortState API can be invoked through the following method:

1. Identify the managed object ID (MOID) for the vShpere Distributed Switch that contains the problem portgroup:
   1. Navigate to the vCenter Manager Object browser and enter the vCenter credentials.  The Managed Object Browser can be accessed at the following URL: https://<VC IP or hostname>/mob.
   2. Identify the distributed switch MOID by following the links for content -> group-d1 (Datacenters) -> selecting the datacenter and then selecting the affected dvPortgroup from the network property box.
   3. From the dvPortgroup page, select the config link and note the Value for the distributedVirtualSwitch property.  This is the MOID for the VDS.
2. Invoke the refreshPortState API:
   1. Navigate to the following URL: https://<VC IP or hostname>/mob/?moid=<VDS MOID>&method=refreshPortState.  You will need to substitute the vCenter hostname and the VDS MOID for the specific environment.
   2. Leave the portKeys text box empty and click Invoke Method.

Note: This operation is not disruptive to virtual machines or other VDS traffic.