IP/MAC Bindings discovered through a VIF/VM do not migrate when the VIF attaches to a new LogicalPort
Article ID: 329041
Updated On:
Products
VMware NSX
Issue/Introduction
Symptoms:
When a VIF is detached from its parent LogicalSwitchPort and attached to a new LogicalSwitchPort, the IP/MAC bindings discovered through the VIF before the migration stays with the old LogicalSwitchPort in the Port UI. The firewall rules that have the old LogicalSwitchPort will continue to use the old bindings even after the VIF is detached from it.
When a VIF is detached from its parent LogicalSwitchPort and attached to a new LogicalSwitchPort, the IP/MAC bindings discovered through the VIF before the migration stays with the old LogicalSwitchPort in the Port UI. The firewall rules that have the old LogicalSwitchPort will continue to use the old bindings even after the VIF is detached from it.
Environment
VMware NSX-T
Cause
This issue occurs as discovered bindings are only deleted when a user explicitly requests them to delete from the UI or API. They are not deleted when the VIF is detached from the LogicalSwitchPort
Resolution
If there is a need to detach VIF from the LogicalSwitchPort and attach it to a new Port, the discovered bindings should also be explicitly deleted from the LogicalSwitchPort.
A new set of bindings will be learnt for the new LogicalSwitchPort. Note that the old bindings set and the new bindings set may be different from each other.
A new set of bindings will be learnt for the new LogicalSwitchPort. Note that the old bindings set and the new bindings set may be different from each other.
Feedback
Yes
No
Powered by
