NSX Edge Node Tunnel Status "Down" Following VM Migration in Multi-Site Clusters
search cancel

NSX Edge Node Tunnel Status "Down" Following VM Migration in Multi-Site Clusters

book

Article ID: 427657

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

  • In a multi-site environment, an Edge node reports a tunnel status of Down.
  • This issue typically occurs after a resource rebalance or the deployment of new nodes, while other nodes in the same cluster remain healthy and "Up."

    Symptoms include:

     • Edge node tunnels remain "Down" despite redeployment of the Edge VM.
     • The Edge node is found to be residing on an ESXi host at a different physical site (e.g.,Site A ) than its intended configuration (e.g., Site B) in the same cluster.
     • Connectivity fails due to site-specific networking constraints (VLAN/Subnet mismatches) at the incorrect physical location.

Environment

  • VMware NSX

Cause

  • This issue is caused by missing or incorrectly configured DRS Host Affinity Rules. If an Edge VM is not explicitly assigned to a Host Affinity group for its specific site, Distributed Resource Scheduler (DRS) may migrate the VM to a host at a different site during cluster rebalancing. Because Edge nodes rely on site-specific physical networking paths, residing on a host at the wrong site breaks tunnel connectivity.

Resolution

To restore connectivity and prevent future unauthorized migrations, perform the following steps:

  1. Migrate the VM:

    • Log into the vSphere Client.

    • Locate the impacted Edge VM.

    • Manually migrate (vMotion) the VM back to an ESXi host located at the correct physical site.

    • Verify that the tunnel status returns to Up.

  2. Configure Host Affinity Groups:

    • Navigate to the Cluster > Configure > VM/Host Groups.

    • Ensure there is a Host Group containing all ESXi hosts for the specific site.

    • Ensure there is a VM Group containing the Edge nodes assigned to that site.

  3. Create/Update VM-to-Host Rules:

    • Navigate to VM/Host Rules.

    • Edit or create a rule that links the Edge VM Group to the correct Host Group.

    • Set the rule type to "Virtual Machines to Hosts".

    • Select "Must run on hosts in group" (or "Should run on hosts in group") to ensure the node remains pinned to the correct site-specific infrastructure.

For more information on configuring DRS rules, see the VMware documentation on Using VM-Host Affinity Rules.

Powered by Wolken Software