ESXi host lost connection to NFS datastore after firewall configuration changed
search cancel

ESXi host lost connection to NFS datastore after firewall configuration changed

book

Article ID: 404626

calendar_today

Updated On:

Products

VMware vSphere ESXi

Issue/Introduction

  •  The ESXi host lost connection to NFS datastore when the nfsclient rule set is disabled in firewall configuration.
  •  On var/log/vobd.log you see similar to: 
       [netCorrelator] 5521683710543us: [vob.net.firewall.config.changed] Firewall configuration has changed. Operation 'disable' for rule set nfs41Client succeeded.

Environment

VMware vSphere ESXi 

Cause

 The issue is caused because the nfsClient rule set disabled in firewall configuration on ESXi host.

Resolution

Enable the nfsClient rule set in firewall configuration on the impacted ESXi Host.

For more information about the firewall configuration on ESXi Host: ESXi firewall configuration

 

Additional Information

When you add or mount an NFS datastore, ESXI checks the state of the NFS Client (nfsClient) firewall rule set.

  • If the nfsClient rule set is disabled, ESXi enables the rule set and disables the Allow All IP Addresses policy by setting the allowedAll flag to FALSE. The IP address of the NFS server is added to the allowed list of outgoing IP addresses.
  • If the nfsClient rule set is enabled, the state of  the rule set and the Allowed IP Address policy by are not changed. The IP address of the NFS server is added to the allowed list of outgoing IP addresses.

Document: NFS Client Firewall Behavior

Powered by Wolken Software