NSX Edge uplink interface does not process any traffic after it is disabled and re-enabled
search cancel

NSX Edge uplink interface does not process any traffic after it is disabled and re-enabled

book

Article ID: 341241

calendar_today

Updated On:

Products

VMware NSX Networking

Issue/Introduction

Symptoms:
  • OSPF and BGP traffic no longer passes
  • Attempting to statically add the correct MAC address in the ARP table of the Edge Services Gateway (ESG) fails
  • You see the error:

    SIOCSARP: Network is unreachable

  • The NSX Edge logs contains entries similar to:

    2015-06-01T14:49:55+00:00 itcldfxnsxesg1-0 zebra[889]: [daemon.err] ERROR: Cannot get device settings for interface: VDR strerror: Operation not supported ## get_e100X_status @ e1000_tool.c:263
    2015-06-01T14:49:55+00:00 corpnsxesg1-0 zebra[889]: [daemon.err] ERROR: get_e100X_status FAILED # get_autoneg_configuration @ zebra_bluelane.c:91
    2015-06-01T14:49:55+00:00 corpnsxesg1-0 zebra[889]: [daemon.err] ERROR: Cannot get device settings for interface: br-sub strerror: Operation not supported ## get_e100X_status @ e1000_tool.c:263


    For more information, see Collecting diagnostic information for VMware NSX Edge (2079380).

    Note: The preceding log excerpts are only examples. Date, time, and environmental variables may vary depending on your environment.


Environment

VMware NSX for vSphere 6.3.x
VMware NSX for vSphere 6.1.x
VMware NSX for vSphere 6.2.x

Cause

This issue occurs because after disconnecting or reconnecting to the uplink interface when NSX Edge ECMP is enabled, from the User Interface (UI), the forwarding table gets reset and points to the incorrect uplink which causes the traffic to fail.
Note: This issue occurs only when ECMP is enabled.

Resolution

This issue is resolved in VMware NSX for vSphere 6.3.0, available at VMware Downloads.

To work around this issue if you do not want to upgrade, enable URPF loose mode through systemcontrol REST API.
To enable URPF loose mode through systemcontrol REST API, set both the files conf.all and conf.vNic_x to these settings.
Method: PUT

URL : https://NSXMGRIP/api/4.0/edges/edge-id/systemcontrol/config

Body :

<systemControl>
<property>sysctl.net.ipv4.conf.all.rp_filter=2</property>
<property>sysctl.net.ipv4.conf.vNic_0.rp_filter=2</property>
</systemControl>
Where:
  • 0 = disabled.
  • 1 = Enabled, strict (source must be reachable via ingress interface of the packet).
  • 2 = Enabled, loose (source must be reachable by any of interfaces of edge).
For more information, see the Configure an Interface section in the NSX Administration Guide.


Additional Information

To be alerted when this document is updated, click the Subscribe to Article link in the Actions box. Collecting diagnostic information for VMware NSX Edge
Reverse Path Forwarding in NSX 6.x and vCNS 5.x Edge
NSX Edge 上行链路接口在禁用和重新启用后不处理任何流量
NSX Edge アップリンク インターフェイスを無効にしてから有効にするとどのトラフィックも処理されなくなる