After Upgrade From 2.5.x to 3.x, uRPF Mode on Tier 0 Gateway Interfaces is Changed From None to Strict.
book
Article ID: 327303
calendar_today
Updated On:
Products
VMware NSX Networking
Issue/Introduction
Symptoms: After upgrading from 2.5.x to 3.x, uRPF mode on Tier 0 gateway interfaces is changed from none to strict.
This change can cause traffic to be dropped by the Tier 0 gateway.
There is no log to identify this issue. Check the uRPF setting after upgrading to 3.x
Environment
VMware NSX-T Data Center VMware NSX-T Data Center 2.5.x VMware NSX-T Data Center 3.x
Cause
uRPF mode was first introduced to the policy API in 3.0.1 . During upgrade from 2.5.x to 3.x, a script is run to convert the value of uRPF mode into the policy API.
The conversion of uRPF from its 'manager' value to 'policy' value can lead to an incorrect setting.
Resolution
This issue will be fixed when upgrading from 2.5.X to 3.1.3 and onwards.
Workaround: There is no preventative workaround. After upgrade, users are encouraged to correct their uRPF setting to its desired value.
Note: After upgrade to 3.X and encountering this issue, the uRPF setting must be changed in the policy mode UI, rather than the manager mode UI.