NSX Edge fails to power on when logging in all ACCEPT firewall rules
search cancel

NSX Edge fails to power on when logging in all ACCEPT firewall rules

book

Article ID: 343351

calendar_today

Updated On:

Products

VMware NSX Networking

Issue/Introduction

Symptoms:
  • NSX Edge fails to power on
  • In the /var/log/vmkernel.log file of the ESXi host, you see entries similar to:

    2016-04-12T10:13:36.125Z| vcpu-1| I120: DISKLIB-CHAIN : DiskChainUpdateContentID: old=0xfd89b2c1, new=0xfdc145b0 (0db86aa661b2f9ef74f90581fdc145b0)
    2016-04-13T00:42:18.070Z| vcpu-0| I120: Vix: [58005863 vmxCommands.c:7586]: VMAutomation_HandleCLIHLTEvent. Do nothing.
    2016-04-13T00:42:18.079Z| vcpu-0| I120: MsgHint: msg.monitorevent.halt
    2016-04-13T00:42:18.079Z| vcpu-0| I120+ The CPU has been disabled by the guest operating system. Power off or reset the virtual machine.

     
  • In the /var/log/vmkernel.log file of the ESXi host, you see entries similar to:

    vmkernel.1:2016-04-16T01:02:33.328Z cpu53:33787)WARNING: ScsiDeviceIO: 2130: Space utilization on thin-provisioned device naa.60060e8013356000502035600000003b exceeded configured threshold

    Note: The preceding log excerpts are only examples. Date, time, and environmental variables may vary depending on your environment.


Environment

VMware NSX for vSphere 6.0.x
VMware NSX for vSphere 6.4.x
VMware NSX for vSphere 6.3.x
VMware NSX for vSphere 6.1.x
VMware NSX for vSphere 6.2.x

Cause

This issue occurs if all ACCEPT rule logging is enabled, which can create serious performance overhead.

Resolution

VMware recommends enabling logging for all ACCEPT firewall rules only for contained debugging purposes and not during highly loaded conditions. Such logging settings also may fill the disk space used to store critical log messages, impacting the ability to troubleshoot real network issues.
 
 


Additional Information

对所有 ACCEPT 防火墙规则进行日志记录时 NSX Edge 无法开机