After upgrading to NSX 4.1.2, the customer is encountering Blue Screen of Death (BSOD) issues on the WinBMS node. This occurs when attempting to PXE boot via a Windows Deployment Server. The error message indicates that the source module causing the crash is osmin.sys.

Symptoms:

• BSOD occurs on the Windows BMS node.
• Error details indicate osmin.sys as the source module.
• The system crashes during the PXE boot process initiated by the Windows Deployment Server.

VMware NSX 4.1.2 

The issue occurs due to the configuration of L3/L4 services on the WinBMS DFW (Distributed Firewall), which permits TFTP traffic. Under normal conditions, TFTP reply packets should use a new source port (other than port 69) to connect to the client.

However, an abnormal TFTP reply packet, with the source port still set to 69, triggers the BSOD. This causes a deadlock in the ovs-windows kernel driver during connection tracking. Specifically, when processing the TFTP reply packet, the driver attempts to set entry->parent equal to entry itself in the conntrack process, leading to the deadlock and resulting BSOD.

Resolution:

This issue has been addressed and fixed in NSX Release 4.2.1.0.0.24049740.

Workaround:

If upgrading to NSX 4.2.1 is not immediately possible, you can apply the following workaround:

• Ensure the TFTP server does not reply to TFTP request packets with source port 69 (particularly for TFTP error reply packets).
• Note that normal TFTP traffic will remain unaffected by this change.

Impact :

• The BSOD results in traffic disruption on the WinBMS node.
• WinBMS service will be restarted after the crash.
• Network traffic is interrupted while the node reboots, impacting ongoing processes.