Incorrect MAC-IP binding present in ESXi host for an overlay VM
search cancel

Incorrect MAC-IP binding present in ESXi host for an overlay VM

book

Article ID: 423276

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

  • Incorrect MAC-IP entry is present on the ESXi host for a VM connected to overlay segment on NSX, which results in incorrect traffic forwarding.
  • The same can be validated in the VDR dump table of ESXi host :
    • net-vdr -N -l <DR UUID>
    • For example, IP 10.1.1.1 belong to a VM with mac address 00:50:56:xx:xx:xx, however, the VDR dump shows this IP associated with a different VM's mac address 00:50:56:yy:yy:yy
  • This incorrect binding will result in wrong traffic forwarding for destination IP 10.1.1.1.

 

 

Environment

VMware NSX

Cause

This situation can arise if there are multiple movements of the impacted IP address between 2 VMs. For example, in case of frequent failover between VMs when the 2 VMs are in high availability and the impacted IP address is a VIP address.

Resolution

This is a rare corner case triggered by an upstream data pattern originating from CCP.

Workaround:

Restart cfgagent service on the host:

/etc/init.d/nsx-cfagent restart

Powered by Wolken Software