In an NSX Security Only Install, configuring ESXi hosts for NSX might fail while applying the host switch configuration.
search cancel

In an NSX Security Only Install, configuring ESXi hosts for NSX might fail while applying the host switch configuration.

book

Article ID: 378609

calendar_today

Updated On:

Products

VMware vDefend Firewall VMware NSX

Issue/Introduction

In an NSX Security Only Install, preparing ESXi hosts for NSX might fail while applying the host switch configuration. The NSX Manager UI may show messages like "Host configuration: NSX enabled switches already exist on host. Please run 'del nsx' command on host"

Following errors can be seen in the ESXi host logs:

var/run/log/nsx-syslog:

2024-09-13T20:34:48.872Z Er(179) nsx-opsagent[2101803]: NSX 2101803 - [nsx@6876 comp="nsx-esx" subcomp="opsagent" s2comp="nsxa" tid="2102525" level="ERROR" errorCode="MPA42056"] Command : applyDvses ....
....<snip>
...
'faultMessage': ['Operation failed, diagnostics report: Unable to Get DVS vendor specific data: Status(bad0006)= Limit exceeded']}|Failed to remove spf property from dvs: ApplyNsxDvsConfig on (xx xx xx xx xx xx xx xx-xx xx xx xx xx xx xx xx) failed when applying key com.vmware.nsx.spf.enabled {'fault': 'PlatformConfigFault', 'msg': 'An error occurred during host configuration: .', 'faultMessage': ['Operation failed, diagnostics report: Unable to Get DVS vendor specific data: Status(bad0006)= Limit exceeded']}

 

var/run/log/vmkernel.log

2024-09-13T20:34:48.464Z Wa(180) vmkwarning: cpu116:2100607 opID=978e0463)WARNING: swsec: SwSec_VdsPropUnregister:967: [nsx@6876 comp="nsx-esx" subcomp="swsec-23382415" errorCode="ESX4"]Failed to unregister com.vmware.vswitch.port.swsec.security
2024-09-13T20:34:48.464Z Wa(180) vmkwarning: cpu116:2100607 opID=978e0463)WARNING: swsec: SwSec_VdsPropUnregister:971: [nsx@6876 comp="nsx-esx" subcomp="swsec-23382415" errorCode="ESX4"]Failed to unregister com.vmware.vswitch.port.swsec.discovery.vmtools
2024-09-13T20:34:48.464Z Wa(180) vmkwarning: cpu116:2100607 opID=978e0463)WARNING: swsec: SwSec_VdsPropUnregister:973: [nsx@6876 comp="nsx-esx" subcomp="swsec-23382415" errorCode="ESX4"]Failed to unregister com.vmware.vswitch.port.swsec.discovery.ipv6
2024-09-13T20:34:48.464Z Wa(180) vmkwarning: cpu116:2100607 opID=978e0463)WARNING: swsec: SwSec_VdsPropUnregister:975: [nsx@6876 comp="nsx-esx" subcomp="swsec-23382415" errorCode="ESX4"]Failed to unregister com.vmware.vswitch.port.swsec.discovery
2024-09-13T20:34:48.464Z Wa(180) vmkwarning: cpu116:2100607 opID=978e0463)WARNING: swsec: SwSec_VdsPropUnregister:977: [nsx@6876 comp="nsx-esx" subcomp="swsec-23382415" errorCode="ESX4"]Failed to unregister com.vmware.vswitch.port.swsec.enabled
<snip>
2024-09-13T20:34:48.467Z Wa(180) vmkwarning: cpu116:2100607 opID=978e0463)WARNING: NetHotswap: 534: DvsPortset-1: failed to swap from type cswitch to type vswitch reverting to cswitch
<snip>
2024-09-13T20:34:48.468Z Wa(180) vmkwarning: cpu116:2100607 opID=978e0463)WARNING: NetHotswap: 540: DvsPortset-1: failed to revert to type cswitch, reverting to nulldev

Environment

All NSX versions prior to 4.2.0.

Cause

The root cause for this issue is the presence of stale properties on the ESXi host to think NSX is already installed on the host switch. These were left on the host during a previous un-successful uninstall of NSX from these hosts. So, when an attempt was made to install NSX again, there was a failure due to the stale properties.

Resolution

This issue is resolved in NSX versions 4.2.0. and subsequent releases. To permanently resolve the issue, upgrade to one of the fixed versions.

Workaround(s): 

1. A workaround would be to run the "del nsx" command on the affected host. Please see step 8. in this doc: https://docs.vmware.com/en/VMware-NSX/4.1/installation/GUID-52FA28CD-CB47-46C6-9D7B-F006916E3C87.html

or

2. reboot the ESXi host. 

Powered by Wolken Software