VPC subnets configured with external DHCP relay incorrectly provision an NSX DHCP server, causing VMs to receive IP addresses from the wrong DHCP source.
search cancel

VPC subnets configured with external DHCP relay incorrectly provision an NSX DHCP server, causing VMs to receive IP addresses from the wrong DHCP source.

book

Article ID: 422319

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

  • NSX Project VPC configured for external DHCP IP allocation is assigning IP addresses from the internal NSX DHCP server, instead of using the DHCP relay profile to relay these requests to the external DHCP server.

  • VPC subnets are configured with external DHCP relay at the VPC level, and created with "Public" access mode.

  • VM's connected to the VPC segment are incorrectly receiving IP addresses from the internal NSX DHCP server.

  • The GET API https://<NSX Manager IP>/policy/api/v1/orgs/default/projects/<project_name>/vpcs/<vpc_name>/subnets/<subnet_id>

    shows the response includes access_mode set to Public and a DHCP configuration with enabled set to true.

    See the example snippet below:

    {
        "ipv4_subnet_size": 16,
        "access_mode": "Public",
        "dhcp_config": {
            "enable_dhcp": true
        },
        "resource_type": "VpcSubnet",
        "id": "<subnet_id>",
        "display_name": "<display name for the subnet id>",
    }

Environment

VMware NSX

Cause

During the VPC subnet creation, the relay profile path fails to get correctly copied to the VPC subnet due to a known issue with version 4.2.x prior to 4.2.3.3

Resolution

This is a known issue and has been resolved in NSX 4.2.3.3.

Workaround:

1. Run the following GET API to retrieve the current subnet configuration:

GET: https://<nsx_manager_fqdn>/policy/api/v1/orgs/default/projects/<project_name>/vpcs/<vpc_name>/subnets/<subnet_name>

Example response snippet:

{
    "ipv4_subnet_size": 16,
    "access_mode": "Public",
    "dhcp_config": {
        "enable_dhcp": true
    },
    "resource_type": "VpcSubnet",
    "id": "<subnet_id>",
    "display_name": "<display name for the subnet id>",
}

2. Detach any VMs connected to the subnet.

3. Delete the existing subnet.

4. Recreate the subnet using the PATCH API call below, ensuring that the DHCP relay configuration path is included in the request body.

PATCH: https://<NSX Manager IP>/policy/api/v1/orgs/default/projects/<project_name>/vpcs/<vpc_name>/subnets/<subnet_id>

{
  "ipv4_subnet_size": 64,
  "access_mode": "Public",
  "dhcp_config": {
    "enable_dhcp": true,
    "dhcp_relay_config_path": "/orgs/default/projects/<project_name>/infra/dhcp-relay-configs/<name_of_dhcp_relay_config>"
  }
}

 

Powered by Wolken Software