VMware SD-WAN Gateway/Edge: cloud/internet traffic fails when Gateways run version 5.2.2.0 or 5.4.0.0
Article ID: 324620
Updated On:
Products
VMware
VMware SD-WAN by VeloCloud
Issue/Introduction
With this issue, when one or more Edges use version 5.2.1 or earlier, send ICMP traffic, and are connected to the Gateway using 5.2.2.0 or 5.4.0.0, the ICMP processing allows SD-WAN Gateway and Edge flows to be released without proper cleanup. This results in stale NAT entries on the Gateway that are never removed and causes NAT tables to reach capacity with no free entries available. Lacking free NAT entries, Edge cloud/internet traffic using an affected Gateway deployed as their primary would fail.
Symptoms:
- Customers may observe that cloud/internet traffic that traverses a Gateway (multi-path) is failing when the connected Gateway uses version 5.2.2.0 or 5.4.0.0
- Edge-to-Edge traffic continues to work properly even while cloud/internet traffic through the Gateway fails.
- The field-found issues have been on SD-WAN Gateways. However, the Edge could potentially experience this issue and impact traffic for local users.
Cause:
This is caused by known issue 134893
Environment
VMware SD-WAN by VeloCloud
VMware SD-WAN
VMware SD-WAN
Resolution
Issue 134893 is resolved in VMware SD-WAN Edge/Gateway Version R5220-20240104-GA-134893, R5400-20231230-GA-134893, or later.
For information on how to upgrade please check the following article: https://kb.vmware.com/s/article/67152
For information on how to upgrade please check the following article: https://kb.vmware.com/s/article/67152
Additional Information
To be alerted when this article is updated, click Subscribe to Article in the Actions box.
Feedback
Yes
No
Powered by
