vSAN Skyline reports multiple errors: DNS forward and reverse lookup are not working, Domain controllers are not reachable and File Server Health.
search cancel

vSAN Skyline reports multiple errors: DNS forward and reverse lookup are not working, Domain controllers are not reachable and File Server Health.

book

Article ID: 391945

calendar_today

Updated On:

Products

VMware vSAN

Issue/Introduction

vSAN skyline health reports multiple errors: 

File Server Health
Description:
Check if file server is in good state. The column NFS Daemon shows if NFS daemon process is running or not. The column SMB Daemon shows if SMB daemon process is running or not. The column #SMB Connections shows the number of SMB client connections to the file server. The column Network shows if the file server IP address is present or not. The column Root File System Accessibility shows if the root file system is responsive to the file server. The file server should be failed over to another agent VM automatically in most cases once issues are detected.
Risk if no action taken: The vSAN file service may not work.

 

DNS forward and reverse lookup are not working

 

Domain controllers are not reachable

 

Hostd log reports: 
2025-03-12T17:46:48.939Z Wa(164) Hostd[2101417]: [Originator@6876 sub=Hostsvc.NetworkProvider opID=7bc41ed6-58ef sid=527a1e75 user=vpxuser:<no user>] Enabling mac learning with forged transmitsoff is not supported

VMKernel log reports:
2025-03-17T13:16:45.231Z In(182) vmkernel: cpu40:4774679)cswitch: L2Sec_EnforcePortCompliance:212: [nsx@6876 comp="nsx-esx" subcomp="vswitch"]client vSAN File Service Node (485).eth0 requested promiscuous mode on port 0x6000021, disallowed by vswitch policy

 

Mac-Learning is enabled under distributed port group:

Environment

VMware vSphere ESXi 8.0

Cause

Mac learning can get disabled on Host level if switch has Promiscuous mode enabled. This happens due to an update to MAC management profile that was added from 8.0u1.

 

Resolution

If the host and vCenter are not at 8.0 U3, upgrade them to this version.

Work Around:

If the symptoms described in this article match the issue, follow the resolution from article: vSAN File Service out of Network after ESXi Host reboot when the Virtual Switch has Promiscuous mode enabled

 

Additional Information

Additional commands:

// Get DVS-Name
# esxcfg-vswitch -l | grep -i "vsan file service node"

// Check mac-learning on the port on the DVS
# netdbg vswitch mac-learning port get --dvport `esxcfg-vswitch -l | grep -i "vsan file service node" | cut -d " " -f 3` --dvs-alias <DVS-Name>     

// Enable mac-learning and unicast flooding on the port on the DVS
# netdbg vswitch mac-learning port set --enable --flooding --dvport `esxcfg-vswitch -l | grep -i "vsan file service node" | cut -d " " -f 3` -dvs <DVS-Name>

// Check mac-learning on the port on the DVS
# netdbg vswitch mac-learning port get --dvport `esxcfg-vswitch -l | grep -i "vsan file service node" | cut -d " " -f 3` --dvs-alias <DVS-Name>

Powered by Wolken Software