Service Router Limit Per Edge Exceeded alarm is generated when the supported limit is not reached in NSX 4.2.1.X.

Article ID: 382701

Products

VMware vDefend Firewall

Issue/Introduction

  • VMware NSX is in use with the Gateway Firewall enabled.
  • Alarms are generated for "Service Router Limit Per Edge Exceeded" even though the limit is under the maximum allowed.
  • An example of one of these alarms can be seen below:

The number of T0/T1 Service routers 4 or bridges 0 with Gateway Firewall features enabled on edge XXX-XXX-XXX has exceeded the maximum threshold of 98%. Maximum number of Service routers and bridges supported with Gateway Firewall feature enabled is 5.

  • The limit for a medium edge node is 5. The above alarm states that the combined total of service routers and bridges using the firewall service is 4. The limit has not been exceeded, yet the alarm is seen in the UI.

Environment

VMware NSX 4.2.1.X

Cause

This is a known issue with the Event ID gateway_firewall.sr_limit_per_edge_exceeded, which was introduced in VMware NSX 4.2.1.

For reference the supported limits are as follows:

  • Medium Edge Node: 5
  • Large Edge Node: 100
  • Extra Large Edge Node: 100

Resolution

This is a known issue impacting VMware NSX 4.2.1.X and is fixed in later releases.

Additional Information

Workaround: Suppress or disable the alarm if it is triggered while the number of T0/T1 service routers and bridges with Gateway Firewall (GFW) enabled is within the specified limits.
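
One way to confirm that an alarm instance is the spurious case before suppressing it, as an added example that is not VMware code: the script parses the alarm text shown above and compares the reported count with the reported maximum and with the limits listed in this article. The function and field names are hypothetical, and it assumes the threshold in the message is a percentage of the stated maximum.

```python
import re
from typing import NamedTuple

# Supported limits as listed in this article (SRs + bridges with GFW enabled).
SUPPORTED_LIMITS = {"medium": 5, "large": 100, "extra_large": 100}

ALARM_RE = re.compile(
    r"Service routers (?P<sr>\d+) or bridges (?P<br>\d+) with Gateway Firewall "
    r"features enabled on edge (?P<edge>\S+) has exceeded the maximum threshold "
    r"of (?P<pct>\d+)%\. Maximum number of Service routers and bridges supported "
    r"with Gateway Firewall feature enabled is (?P<max>\d+)\."
)

# Alarm text copied from the example in this article.
PAGE_ALARM = (
    "The number of T0/T1 Service routers 4 or bridges 0 with Gateway Firewall "
    "features enabled on edge XXX-XXX-XXX has exceeded the maximum threshold of "
    "98%. Maximum number of Service routers and bridges supported with Gateway "
    "Firewall feature enabled is 5."
)

class Verdict(NamedTuple):
    edge: str
    in_use: int            # service routers + bridges using Gateway Firewall
    maximum: int           # maximum stated in the alarm text
    utilization_pct: float
    spurious: bool         # True: alarm fired although below its own threshold
    limit_matches_form_factor: bool

def triage_alarm(message: str, form_factor: str) -> Verdict:
    """Decide whether an alarm matches the false positive described here."""
    m = ALARM_RE.search(message)
    if m is None:
        raise ValueError("not a sr_limit_per_edge_exceeded alarm message")
    in_use, maximum = int(m["sr"]) + int(m["br"]), int(m["max"])
    if maximum <= 0:
        raise ValueError("alarm reports a non-positive maximum")
    utilization = 100.0 * in_use / maximum
    # Assumption: the threshold is a percentage of the stated maximum.
    spurious = utilization < int(m["pct"])
    matches = SUPPORTED_LIMITS.get(form_factor) == maximum
    return Verdict(m["edge"], in_use, maximum, utilization, spurious, matches)

if __name__ == "__main__":
    print(triage_alarm(PAGE_ALARM, "medium"))
```

Suppress the alarm only when `spurious` is true; an instance that is at or above the threshold reflects real Gateway Firewall capacity pressure on that edge and should stay visible.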