NSX-T backed DVS blocking ports
Article ID: 404571
Updated On:
Products
VMware NSX
Issue/Introduction
VM shows blocked port and cannot access the network
Environment
NSX-T 4.x
ESXi 7.x
ESXi 8.x
ESXi 9.x
Cause
If the ESXi host is out of sync with the NSX Manager, it cannot reconnect to the portgroup when the VM is migrated to another host
Resolution
- Run the following command to sho the affected ports:
net-dvs -l | grep -E "port |port.block|volatile.vlan|volatile.status" - Run the following command to list network objects with related MAC Addresses to ensure that the VM is using the correct info:
net-stats -l - Run the following command to list the related NSX backed vSwitch:
esxcfg-vswitch -l - Run the following command to unblock the port on the NSX transport node(ESXi host) VDS:
net-dvs -s com.vmware.common.port.block=false <VDS-NSX> -p <GUID-of-NSX-VDS>
Additional Information
NOTE: This is only a workaround where a NSX Transport NODE is not being upgraded or has failed to reinstall VIBS after a rebuild. The workloads need to be brought back online and is blocked from upgrading the VIBs manually due to change control (or similar) processes. Related fix for the VIB issue: Downloading NSX VIB bundles for ESXi hosts from NSX Manager Appliances
Feedback
Yes
No
Powered by
