VLAN Transport zones removed from cluster after upgrading to 4.2
Article ID: 388434
Updated On:
Products
VMware NSX
Issue/Introduction
- The user-defined VLAN transport zones are automatically removed from the cluster immediately after NSX-T upgrade to 4.2 version and nsx.vlan-tz.security.xxxx system generated transport zones are now associated with the cluster.
- On vCenter, multiple nsx.LogicalSwitch:<uuid> can be observed instead of the segment names configured on NSX
- The VMs experience complete outage since the existing segments are not a part of these system generated transport zones
- The number of migration tasks run can be observed multiple times, this is only expected once. This can be validated with the below command in NSX managers:
grep "L2 unification migration task starting..." var/log/upgrade-coordinator/logical-migration*
Environment
VMware NSX
Cause
- Starting NSX-T version 4.2, the workflow has been designed to unify the host switches for "Security-Only" and "Network & Security" deployments.
- It has been observed that incorrect workflows can lead to the data migration task being triggered more than once, this leads to the migration process treating the system as a security-only deployment since portgroup_transport_zone_id has already been populated by the first task, and as per the workflow, this 2nd data-migration task will overwrite the user-defined VLAN TZs as it expects a security only deployment to have no vlan TZ applied.
Resolution
This issue is resolved in VMware NSX 4.2.2, available at Broadcom downloads. However please be aware that this will not resolve the issue if already present, only prevent it occuring on upgrade once the upgrade is from <4.2 to 4.2.2 and above.
If you are having difficulty finding and downloading software, please review the Download Broadcom products and software KB.
Workaround if the issue has occurred:
Update the TNP with the original Transport zones
Feedback
Yes
No
Powered by
