Error: "NAT rule has an invalid vnic value 0" when powering on a vApp or Virtual Machine in VMware Cloud Director
search cancel

Error: "NAT rule has an invalid vnic value 0" when powering on a vApp or Virtual Machine in VMware Cloud Director

book

Article ID: 399898

calendar_today

Updated On:

Products

VMware Cloud Director

Issue/Introduction

  • Powering on a vApp or Virtual Machine (VM) fails with the error below:

    [ ########-####-####-########1008 ] NAT rule ##### has an invalid vnic value 0 . The value should be a vnic index number.

  • In /opt/vmware/vcloud-director/logs/vcloud-container-debug.log the error below is present:

    DATE TIME| DEBUG    | Backend-activity-pool-119545 | NsxTVAppNetwork                | Exception occurred while deploying and attaching network to vApp edge EDGE_NAME with id ########-####-####-########4a3e. | requestId=########-####-####-########1008,request=POST https://cloud.example.com/api/vApp/vapp-########-####-####-########fccc/action/deploy,requestTime=1
    748616245118,remoteAddress=##.##.##.##:53060,userAgent=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 ...,accept=application/*+xml;version 39.0.0-alpha vcd=########-####-####-########aa98
    ,task=########-####-####-########ddd6 activity=(com.vmware.vcloud.backendbase.management.system.TaskActivity,urn:uuid:########-####-####-########ddd6) activity=(com.vmware.ssdc.backend.services.im
    pl.DeployVAppActivity,urn:uuid:########-####-####-########5b43) activity=(com.vmware.ssdc.backend.DeployVAppVmSubsetActivity,urn:uuid:########-####-####-########638e)
    com.vmware.vcloud.api.presentation.service.BadRequestException: NAT rule ##### has an invalid vnic value 0. The value should be a vnic index number.
    [...]

    AND

    DATE TIME | ERROR    | Backend-activity-pool-119545 | DeployVAppVmSubsetActivity     | [Activity Execution] Uncaught Exception during Activity execution. Recent phase: com.vmware.ssdc.backend.
    DeployVAppVmSubsetActivity$DeployNetworksPhase@185a067b - Handle: urn:uuid:########-####-####-########638e, Current Phase: DeployVAppVmSubsetActivity$DeployNetworksPhase | requestId=########-####-####-########008,request=POST https://cloud.example.com/api/vApp/vapp-########-####-####-########fccc/action/deploy,requestTime=1748616245118,remoteAddress=##.##.##.##:53060,userAge
    nt=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 ...,accept=application/*+xml;version 39.0.0-alpha vcd=########-####-####-########aa98,task=########-####-####-########ddd6 activity=
    (com.vmware.vcloud.backendbase.management.system.TaskActivity,urn:uuid:########-####-####-########ddd6) activity=(com.vmware.ssdc.backend.services.impl.DeployVAppActivity,urn:uuid:########-####-####-########f5b43) activity=(com.vmware.ssdc.backend.DeployVAppVmSubsetActivity,urn:uuid:########-####-####-########638e)
    java.util.concurrent.ExecutionException: com.vmware.vcloud.api.presentation.service.BadRequestException: NAT rule 65,544 has an invalid vnic value 0. The value should be a vnic index number.
            at com.vmware.vcloud.activity.executors.ActivityRunner.run(ActivityRunner.java:136)
            at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
            at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
            at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
            at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
            at java.base/java.lang.Thread.run(Thread.java:829)
    Caused by: com.vmware.vcloud.api.presentation.service.BadRequestException: NAT rule ##### has an invalid vnic value 0. The value should be a vnic index number.
    [...]

  • There are NAT rules configured on the Edge Gateway for the routed vApp network.
  • If a VM with a NAT rule is moved to another vApp, the NAT rule stays in the source vApp Network and does not get moved to the new vApp along with the VM.
  •  Ghost VMs on vApp networks preventing VMs from powering on.

Environment

VMware Cloud director 10.5.1.1
VMware Cloud Director 10.6.1.1

Cause

The issue is caused because of the presence of some ghost entries in the NAT settings of the certain vApp networks. The issue is also caused because of The NAT rule that has invalid vnic "0" index.

Resolution

Delete and recreate the affected NAT.

To identify the affected NAT rule:

  1. Take a database backup before proceeding as per documentation at Backup and Restore of Your VMware Cloud Director Appliance
  2. Take note of the Edge Gateway name, Edge Gateway ID and NAT ID from the logs as highlighted below:

    DATE TIME| DEBUG    | Backend-activity-pool-119545 | NsxTVAppNetwork                | Exception occurred while deploying and attaching network to vApp edge EDGE_NAME with id ########-####-####-########4a3e. | requestId=########-####-####-########1008,request=POST https://cloud.example.com/api/vApp/vapp-########-####-####-########fccc/action/deploy,requestTime=1
    748616245118,remoteAddress=##.##.##.##:53060,userAgent=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 ...,accept=application/*+xml;version 39.0.0-alpha vcd=########-####-####-########aa98
    ,task=########-####-####-########ddd6 activity=(com.vmware.vcloud.backendbase.management.system.TaskActivity,urn:uuid:########-####-####-########ddd6) activity=(com.vmware.ssdc.backend.services.im
    pl.DeployVAppActivity,urn:uuid:########-####-####-########5b43) activity=(com.vmware.ssdc.backend.DeployVAppVmSubsetActivity,urn:uuid:########-####-####-########638e)
    com.vmware.vcloud.api.presentation.service.BadRequestException: NAT rule #####4 has an invalid vnic value 0. The value should be a vnic index number.
    [...]

  3. SSH the VCD primary cell and connect to the DB running the command below:

    sudo -i -u postgres psql vcloud

  4. Identify the Edge gateway running the command below and take copy the service_config column

    select * from gateway where id = '{Edge Gateway ID from step 1}';

  5. Paste the information copied from the step 4 in a notepad and identify the NAT rule by searching for the NAT Rule ID from step 2 and take note of the IP. Below an output example:

    <void property="ruleId">
    <int>#####4</int>       >>> NAT RULE ID
    </void> 
    <void property="ruleType"> 
    <string>SNAT</string>
    </void>
    <void property="translatedIp"> 
    <string>##.##.##.##</string>
    </void>
    <void property="translatedPort"> 
    <string>any</string>
    </void> 
    <void property="vappScopedVmId"> 
    <string>########-####-####-########a0fc</string> 

  6. On the Tenant portal, browse the affected browser and the NAT rules.
  7. Identify the NAT rules by using the IP from step 4.
  8. Take note of the NAT rule configuration.
  9. Delete and recreate the NAT rule.
  10. Power on the vApp.
Powered by Wolken Software