NSX management cluster DNS issues observed while secondary DNS is functional and present.
search cancel

NSX management cluster DNS issues observed while secondary DNS is functional and present.

book

Article ID: 427432

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

System services and functions may be impacted if the primary DNS server is unreachable. Despite having valid secondary DNS servers configured, the system may not fail over to these servers before internal service timeouts occur.

Common symptoms of this DNS timeout behavior may include:

Environment

  • VMware NSX

  • VMware NSX-T Data Center

Cause

The internal service timeout for several NSX components is configured to be shorter than the standard operating system DNS failover threshold. When the Primary DNS server is non-responsive, the system services time out while waiting for a response, preventing the resolver from attempting the next configured DNS server in the list.

Resolution

To resolve this issue, ensure the Primary DNS server is reachable or update the configuration to a functional server.

Validate DNS Connectivity

Log in to the NSX Manager CLI as the root user. Test connectivity to the DNS. If the following commands return 3 timeout values before the secondary DNS returns a reply, this KB may be relevant:

Forward lookup:

dig <FQDN of Manager> +short

Reverse lookup:

dig -x <IP of Manager> +short

Update Configuration

If the Primary DNS is unavailable, update the appliance network settings to ensure a healthy, responsive DNS server is listed as the first (primary) entry.

Refer to the following guide for steps: Updating DNS server details for NSX-T Manager cluster

Once the primary entry is corrected, services should recover automatically, alarms may take some time to clear.

Additional Information

For specific examples of how this behavior manifests, refer to:

Powered by Wolken Software