Unstable BGP connection over IPv6 on Edge uplink
search cancel

Unstable BGP connection over IPv6 on Edge uplink

book

Article ID: 376144

calendar_today

Updated On:

Products

VMware NSX-T Data Center

Issue/Introduction

  • NSX edge may not respond to BGP update when a 9000 byte packet of BGP update is sent to the Edge node.
  • BGP session may go down.
  • Malformed packet count on packet drop counter on edge's uplink may increase.
    This can be seen in nsxcli:
    nsx> get logical-router interface ########-####-####-####-#######1234 stats
    Thu Aug 15 2024 PDT 10:06:08.814
    interface : ########-####-####-####-#######1234
    ifuid     : 287
    VRF       : ########-####-####-####-######abcd
    statistics
        RX-Packets : 110961244
        RX-Bytes : 12022505644
        RX-Drops : 5
            Blocked : 0
            DST-Unsupported: 0
            Firewall : 0
            Malformed : 3042294
            No-Receiver : 0
            No-Route : 5
            RPF-Check : 0
            Protocol-Unsupported: 0

Environment

VMware NSX-T Data Center

VMware NSX

Cause

Edge Datapath will parse the IPv6 header for unicast packets when destination IP is the uplink IP address of the SR instance, or SR CPU's port IP address. The payload length field of the IPv6 header is not processed with correct byte order.

As a result, payload length of multiples of 256 bytes are treated as malformed packets and and are dropped.

Resolution

This issue is resolved in NSX 3.1.0 and higher.

Powered by Wolken Software