NSX-T Native Load Balancer and Virtual Server status is Unknown due to Invalid character in the LB application rule

search cancel

NSX-T Native Load Balancer and Virtual Server status is Unknown due to Invalid character in the LB application rule

book

Article ID: 369388

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

The NSX-T Native Load Balancer Status is Unknown
The Virtual Server status is unknown.
All Virtual Servers on the affected Load Balancer do not pass traffic.
Below message is seen when we try to get the LB status from Edge CLI

nsxedge-testlb> get load-balancer <LB-UUID> status
24304: Internal Error: Query LB Engine Failed.

Below Message is seen when running the "get load-balancer <LB-UUID> diagnosis" Command from the Edge CLI:

nsxedge-testlb> get load-balancer <LB-UUID> diagnosis
Checking
Action : checking system
Result : passed
Action : checking crash
Result : passed
Action : checking daemon status
Result : passed
Action : checking configuration
Result : not_found_in_db: LbCurrentMsg <<<<<<<<<<<

Below Error Messages are seen in the Syslog Messages In the Edge (/var/log/syslog):

<nsxedge-testlb>NSX 60279 LOAD-BALANCER [nsx@6876 comp="nsx-edge" subcomp="lb" s2comp="lb" level="ERROR" errorCode="EDG9999999"] [########-####-####-####-########b648] init_by_lua error: error loading module 'ruleset' from file '/config/vmware/edge/lb/etc/########-####-####-####-########b648/ruleset.lua':#012#011.../lb/etc/########-####-####-####-########b648/ruleset.lua:62: invalid escape sequence near '"rspirep ^Location:'#012stack traceback:#012#011[C]: at 0x735bd2bf0630#012#011[C]: in function 'require'#012#011init_by_lua:3: in main chunk

Environment

VMWare NSX

Cause

When a LB application rule gets configured with invalid character in the Action field, this new configuration does not takes effect and the LB would still use the old configuration. At this point there is no issues with LB packet processing. But when one of the following conditions occur, the old configuration would be cleared, and the new configuration with the invalid LB rule tries to load but fails:

the Edge Node gets rebooted
the Edge node enters and leaves the maintenance mode
the LB instance is detached from the T1 and re-attached

At this state the LB cannot process the packets anymore and the status of LB, Virtual Server would be Unknown in the NSX-T UI.

For example, if the action field of a LB application rule has a Invalid escape Sequence like "\" then any new LB configuration would not take affect till the LB rules are reconfigured with the valid escape sequences "\\" in this case.

Resolution

While configuring LB application rule, make sure to use valid escape sequence.

Refer to the lua manual for the valid escape sequences:

https://www.lua.org/manual/5.1/manual.html#2.1

"Literal strings can be delimited by matching single or double quotes, and can contain the following C-like escape sequences:
'\a' (bell), '\b' (backspace), '\f' (form feed), '\n' (newline), '' (carriage return), '\t' (horizontal tab), '\v' (vertical tab), '\\' (backslash), '\"' (quotation mark [double quote]), and '\'' (apostrophe [single quote]).
Moreover, a backslash followed by a real newline results in a newline in the string. A character in a string can also be specified by its numerical value using the escape sequence \ddd, where ddd is a sequence of up to three decimal digits.
Note: If a numerical escape is to be followed by a digit, it must be expressed using exactly three digits.

Strings in Lua can contain any 8-bit value, including embedded zeros, which can be specified as '\0'."

Feedback

thumb_up Yes

thumb_down No