Pre NSX-T 9.0

This issue is caused by an internal socket within the NSX System Health Agent (SHA) becoming stuck in an infinite error loop after a client-side connection is abruptly closed.

When a client closes the connection, the SHA (netopad service) tries to shut down its end. The shutdown fails with:

[Errno 104] Connection reset by peer

This close failure prevents the removal of the affected file descriptor (FD) from the input set used by select(). Consequently:

• select() repeatedly reports the FD as ready for read

• The read fails

• Close fails again

This forms an infinite cycle:

read ready → read failure → close failure → repeat

This loop prevents the cleanup routine from progressing and floods the logs with repeated error messages.

The issue can be resolved by restarting the NSX System Health Agent (netopad service) on the affected ESXi host. This action resets the agent's internal connection states and clears the stuck file descriptor, effectively stopping the log flood.

Steps:

• Access the ESXi host: Connect to the affected ESXi host via SSH.

• Restart the netopad service: Execute the following command:

  /etc/init.d/netopad restart

  This command will briefly stop and then restart the NSX Secure Host Agent. There might be a momentary interruption in NSX-related host monitoring or enforcement managed by this agent, but it is typically transient.

• Verify Resolution: After a few moments, check the nsx-syslog to confirm that the repeated connection closed at remote side and Connection reset by peer messages have ceased.

Note: This command is non disruptive to Datapath