Modifying NSX-T segment names may cause issues with MON in HCX
search cancel

Modifying NSX-T segment names may cause issues with MON in HCX

book

Article ID: 368471

calendar_today

Updated On:

Products

VMware HCX VMware NSX-T Data Center

Issue/Introduction

  • The network has been extended by HCX in a version prior to NSX-T 3.2.
  • The L2E_<name> segment was renamed on the NSX target after being extended by HCX.
  • The MON feature was enabled after the segment was modified on the NSX target.
  • The MON task completed without errors, however, connectivity fails because adding the static route for <IP>/32 fails.
  • Modifications to the renamed segment, such as enabling MON, causes connectivity issues because of this.
  • Otherwise the existing Network Extension continues to operate normally.

The following errors are observed in /common/logs/admin/app.log

2024-05-14 21:51:09.689 UTC [NetworkStretchService_SvcThread-217606, j: b9e04809, s: 89bc3516, , TxId: 0bf95a0a-9e92-4d16-b39e-69698f0d39a5] WARN c.v.v.h.n.ConfigureHostRoutesOnEdgeJob- Failed to add static route {"network":"###.###.###.###\/32","display_name":"HCX Policy based MON for Subnet ###.###.###.###\/22","resource_type":"StaticRoute","next_hops":[{"scope":["\/infra\/segments\/hcx-ne-####"]}]}, error {"status":"failure","statusCode":400,"details":"","result":

Even though the segment is connected to the T1 router and the T1 router is connected to the T0 gateway, the following error is reported:

{"httpStatus":"BAD_REQUEST","error_code":528039,"module_name":"Policy","error_message":"Segment \/infra\/segments\/hcx-ne-#### is not connected to Tier0\/1 Gateway."}}

Note: The preceding log excerpts are only examples. Date, time, and environmental variables may vary depending on your environment.

Environment

VMware NSX
VMware HCX

Cause

When changes to the segment name are made via the NSX-T manager to an extended segment, on versions of NSX-T older than 3.2, the communication is broken due to changed reference points.

The issue occurs when the segment's name is changed, causing the HCX manager's API call to fail with a specific error code (400), indicating a bad request.

Resolution

This issue is resolved in VMware NSX 3.2.4 and 4.0.0.1, and HCX 4.8.
Note: Both products must be in at least these versions for a resolution.

Preventative Workaround

There is no preventative workaround. If you are unable to upgrade NSX and HCX, renaming the segment should be done during a maintenance window as the dataplane will be impacted. Then, the reactive workaround may be implemented to restore the dataplane.

Reactive Workaround 

For any renamed segments that are affected, the below steps must be followed to recreate them and changes must only be introduced once they are unstretched:

  1. Move the VM(s) to a temporary segment.
  2. Unextend the extended segment.
  3. Delete the segment from the Destination NSX.
  4. Extend the segment.
  5. Move the VM(s) back and enable the MON.
Powered by Wolken Software