Service Engines intermittently fail (SE_DOWN ) after configuring an application profile override to L4 of any VS service port.

SE failure reason: Avi Service Engine failed

VS configuration example:

Affected Version: 20.1.x, 21.1.x, 22.1.x, 30.1.x, 30.2.1

Service Port  L4 override application profile to a SNI parent virtual service (VS) is not supported.  When a connection is proxied via L4 unintended behavior occurs during connection cleanup.

Enhancements will be added to the future GA releases of VMware Avi Load Balancer to better handle this misconfigurations and prevent a Service Engine failure.

Please look for Bug ID AV-214612 in the VMware Avi Load Balancer release notes.

Workaround(s):

Configuration Option#1:  Create separate L7 and L4 Virtual Services with a shared VIP configuration, with this configuration a service port application profile override is not required.

Sharing a Single VIP across Multiple Virtual Services

Configuration Option#2:  Create a Non-SNI Parent L7 VS with multiple service ports ( any port can use L4 override application profile).