NSX Federation: 'Error' Status and 'Global' Label for Distributed Port Groups
search cancel

NSX Federation: 'Error' Status and 'Global' Label for Distributed Port Groups

book

Article ID: 381016

calendar_today

Updated On:

Products

VMware NSX VMware NSX Firewall VMware vDefend Firewall

Issue/Introduction

You will notice Distributed Port Groups marked with an 'Error' status and labeled 'Global' under Networking > Segments > Distributed Port Groups

 

DFW rules are not enforced correctly on VM's residing on these portgroups. 

 

Environment

NSX versions below 4.2.1

Cause

This issue is known to occur when Distributed Port Groups are incorrectly imported into the Global Manager during a Federation Configuration Import. Since Distributed Port Groups are not supported on the Global Manager, the import process should prevent them from being imported.

Resolution

Permanent fix is in NSX 4.2.1 and later. 

 

For customers that cannot upgrade to address the issue, please open a Service Request with Broadcom Global Support for assistance with workaround steps.