Alarm for high Enhanced Datapath flow table usage in NSX.

Article ID: 345809

Updated On:

Products

VMware NSX Networking

Issue/Introduction

Title: Alarm for high Enhanced Datapath flow table usage
Event ID: esx_health.enhanced_dp_flow_table_usage_high
Issue fixed in: 4.2.0

Alarm Description

  • Purpose: There is at least one flow table on the host in which more than 90% of entries are filled.
  • Impact: Traffic may slow down or packets may be dropped because of flow misses, since there is a high chance that creating a new flow entry will fail.

Cause

If the number of active flows exceeds the flow-table size, or if there are many short-lived connections coming in, the flow tables can fill up. Increasing the flow table size is beneficial when the number of active flows is stable over time. However, this might not improve performance in cases where short-lived connections continuously come in. In such scenarios, the flow table might always be full, regardless of its size.

Note: This article covers high usage (90-95% occupancy). For very high usage (above 95% occupancy), refer to KB Article 95769.

Environment

VMware NSX-T Data Center

Resolution

For Enhanced Datapath (EDP) host switch mode, if performance degradation is observed, consider increasing the flow table size with the following command:
    nsxdp-cli ens flow-table size set -s $NUM_ENTRIES
    $NUM_ENTRIES must be a power of 2. The host must be rebooted.

    Increasing the number of flow entries does not always improve performance. If short-lived connections keep coming in, the flow table might always be full regardless of its size, and a larger flow table would not help. EDP has logic to detect this and automatically enables and disables flow tables to handle such a case.
    Increasing the number of flow entries may increase the memory footprint.
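
An added example (not from the KB article or VMware): a POSIX shell helper that classifies occupancy with the article's 90% and 95% bands and prints, without running it, the resize command with the smallest power-of-2 size that brings the given flow count to 90% occupancy or below. The flow count and current size are operator-supplied, constructed values, the function names are hypothetical, and any upper limit on the table size is not checked.

```shell
#!/bin/sh
# Added example, not VMware code. Flow counts are supplied by the operator;
# this script does not query the host and does not change any setting.

# True when $1 is a positive integer power of 2 (required for $NUM_ENTRIES).
is_power_of_two() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -gt 0 ] && [ $(( $1 & ($1 - 1) )) -eq 0 ]
}

# Classify occupancy using the article's bands: >90% high, >95% very-high.
usage_level() {   # $1 = entries in use, $2 = flow table size
    if [ $(( $1 * 100 )) -gt $(( $2 * 95 )) ]; then echo very-high
    elif [ $(( $1 * 100 )) -gt $(( $2 * 90 )) ]; then echo high
    else echo normal
    fi
}

# Smallest power of 2 that keeps $1 active flows at or below 90% occupancy.
suggest_size() {
    size=1
    while [ $(( $1 * 100 )) -gt $(( size * 90 )) ]; do
        size=$(( size * 2 ))
    done
    echo "$size"
}

# Print the command from the article for review; never runs it.
plan_resize() {   # $1 = entries in use, $2 = current flow table size
    case "$1" in ''|*[!0-9]*) echo "bad flow count: $1" >&2; return 1 ;; esac
    is_power_of_two "$2" || { echo "size $2 is not a power of 2" >&2; return 1; }
    level=$(usage_level "$1" "$2")
    echo "occupancy level: $level" >&2
    if [ "$level" = normal ]; then echo "no change"; return 0; fi
    echo "nsxdp-cli ens flow-table size set -s $(suggest_size "$1")"
}

# Constructed sample: 60000 active flows in a 65536-entry table.
plan_resize 60000 65536
```

A stable flow count is assumed; as the article notes, a table kept full by short-lived connections will not be helped by a larger size.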

Additional Information