NSX ports are recreated on VM migration and configurations of the original ports are lost.
search cancel

NSX ports are recreated on VM migration and configurations of the original ports are lost.

book

Article ID: 392445

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

  • You configured port specific settings.
    • For example, address binding and segment profile override.
  • You noticed such configurations are lost without any NSX operation.
    As a result, VMs might have a network communication issue.
  • The ID of the port has changed.

Environment

VMware NSX

VMware NSX-T

Cause

The issue is seen due to the combination of the current design of NSX port management and an environmental issue.

When a VM migrates to another host, NSX port is detached on the source host and attached on the destination host.
NSX Manager waits for 30 seconds before it deletes the port when it receives a detach request. If an attach request for the same VIF is received during the period, NSX Manager retains the port.

For some reason, like ESXi, storage, or VC is under load, it might take more than 30 seconds for the detached port to be attached on the destination host.
In such cases, NSX Manager deletes the original port and creates a new port on receiving an attach request from the destination host.
Configurations of the original port, like address bindings and overridden segment profiles, are lost as the port is deleted, and a new port is created with default configurations.

You can find detach and attach requests in /var/run/log/nsx-syslog.* of the source and the destination hosts.

Source host
<Timestamp> nsx-opsagent[42487104]: NSX 42487104 - [nsx@6876 comp="nsx-esx" subcomp="opsagent" s2comp="nsxa" tid="90310854" level="INFO"] [DoVifPortOperation] request=[opId:[<Operation ID>] op:[HOSTD_DETACH_PORT(2)] vif:[<VIF UUID>] ls:[<Logical Switch UUID>] vmx:[<vmx file path>] lp:[]]

Destination host
<Timestamp> nsx-opsagent[45929159]: NSX 45929159 - [nsx@6876 comp="nsx-esx" subcomp="opsagent" s2comp="nsxa" tid="45931934" level="INFO"] [DoVifPortOperation] request=[opId:[<Operation ID>] op:[HOSTD_ATTACH_PORT(1)] vif:[<VIF UUID>] ls:[<Logical Switch UUID>] vmx:[<vmx file path>] lp:[]]

Resolution

Configure the port again.

To mitigate the issue, you can extend the timer to delete ports after detach request.

  1. Edit /opt/vmware/proton-tomcat/webapps/nsxapi/WEB-INF/classes/l2-switching-override.properties in an NSX Manager node.
  2. Change the value of the line.
    switching.logicalport.delayedDeletion.delay=30000
    The value is in millisecond.
  3. Restart proton.
    /etc/init.d/proton restart
  4. Repeat the steps on all the NSX Manager nodes.

Note:
It delays actual port deletion as well. During the period, the segments can not be deleted because the ports have not been deleted yet.

Note2:
Follow the steps again after you upgrade NSX, delete and deploy new NSX Manager nodes, or restore NSX Manager from backup.

Powered by Wolken Software