Maximum IPv4 routes limit is exceeded on Edge node alarm

search cancel

book

calendar_today

VMware NSX

Title: Alarm for maximum IPv4 routes limit is exceeded on Edge node.

Event ID: routing.maximum_ipv4_route_limit_exceeded.

Alarm Description:

Purpose: This alarm is used to notify the user that the maximum IPv4 prefix limit is about to reach.
Impact: There is no functional impact. This alarm is for users who wish to monitor the number of routes to be handled by the edge node. This scenario can mean higher CPU usage.

VMware NSX

Steps to Resolve

For 4.0.1.1 and higher

Recommended Action:

This alarm will be raised after maximum_ipv4_route_limit_approaching is raised.
This indicates that the user has not taken any action when the alarm indicating that the limit is approaching has been raised.
As of now the route limit is fixed across all form factors and it is not configurable, the NSX deployment needs to be designed in such a way that the limits are adhered to. This alarm is raised when the max IPv4 route limit is reached.
1. RIB_PREFIX_COUNT_IPV4_MAX 500000
2. RIB_PREFIX_COUNT_IPV6_MAX 100000
If the increase in the number of routes is not expected then one can verify the number of routes that are dynamically learned across all the routing protocols and the static routes that are configured.
1. Please use below command to get the details
  NSX CLI get route vrf all ipv4
  or
  API /policy-ip>/policy/api/v1/infra/tier-0s/<tier-0>/number-of-routes?edge_path=<edge-path>&include_child_vrf=true
Once it is clear from which protocol the routes are learned, one can check the neighboring router configuration to determine if any new redistribution configuration has been enabled recently and if the change is intentional.
Assuming the routes can be filtered, necessary actions need to be taken by configuring the deny policy for unwanted routes [See NSX Documentation - Create a Route Map].

Maintenance window required for remediation? No

thumb_up Yes

thumb_down No