NSX manager to policy migration is available for some LogicalPorts even though they already have an associated segment
search cancel

NSX manager to policy migration is available for some LogicalPorts even though they already have an associated segment

book

Article ID: 392135

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

  • NSX is upgraded from 3.2.2 to 4.2.1.
  • NSX was previously on a 3.1.# version.
  • After the upgrade, LogicalPorts objects show as eligible for promotion
  • Some of the eligible LogicalPorts already have an associated Segment in the Policy UI
  • These LogicalPorts do not have intent path set in the logical port definition

Environment

VMware NSX-T Data Center
VMware NSX

Cause

Due to an issue in NSX 3.1, SegmentPort discovery wasn't taking place resulting in the misconfiguration of the LogicalPorts.

Resolution

A trivial change (such as editing the description) to the LogicalPort will correct the issue.

Via the NSX API (all commands run from one of the manager nodes):

  1. Fetch and Store the LogicalPort payload:

    curl -k -u '<admin-user>:<admin-password>' -X GET https://localhost/api/v1/logical-ports/<ID>

  2. Update the Description in the fetched LogicalPort payload, and use it to update the LogicalPort:

    curl -k -u '<admin-user>:<admin-password>' -X PUT https://localhost/api/v1/logical-ports/<ID> -d @/path/to/file/containing/updated/logical-port-payload

Via the NSX UI

  1. Go to the NSX Manager UI, select the LogicalPort and perform Edit/Modification (just update the Description).
  2. Go to the NSX Policy UI, and look for the presence of SegmentPort corresponding to the LogicalPort that was updated in the last step.
 
Note: Use the following API (form an NSX manager node) for to list LogicalPorts:

http://127.0.0.1:7440/nsxapi/api/v1/mppolicy/migration/object-ids?resource_type=InternalLogicalPort
Powered by Wolken Software