Virtual Machines lose network connectivity on NSX Segments in "Marked for Delete" state
search cancel

Virtual Machines lose network connectivity on NSX Segments in "Marked for Delete" state

book

Article ID: 439273

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

  • Moving affected Virtual Machines (VMs) to a standard vDS port group restores connectivity, but moving them back to the NSX segment fails either immediately or appears to connect and then disconnect after a short period.

  • The affected segment appears grayed out in the NSX Manager UI and may show a status of "In Progress" or "Deleting".

  • The API request: GET https://{mgrIP}/policy/api/v1/infra/segments  may NOT list these segments, but they are listed when run as:  GET https://{mgrIP}/policy/api/v1/infra/segments?include_mark_for_delete_objects=true

  • New VMs cannot be attached to the segment, or existing VMs lose connectivity after a power cycle, vMotion, or network adapter disconnect/reconnect.

  • Some VMs on the same segment may remain functional temporarily while relying on stale Local Control Plane (LCP) entries.

Cause

When an NSX segment is marked for deletion, the NSX Management Plane and Central Control Plane begin unbinding the logical resources associated with that segment.

Even if the segment remains visible in the UI because it is "stuck" (often due to active port attachments), the underlying Virtual Network Identifier (VNI) is often unassigned or placed in a "ghosted" state (VNI -1). While some VMs may maintain connectivity temporarily using stale cached entries on the host, any event that requires a new control plane look-up (such as a VM power event or a host-level management trigger) will result in the controller dropping the traffic because it no longer recognizes the segment as a valid forwarding target.

Resolution

An NSX segment in a "Marked for Delete" state is not a valid object for hosting production traffic. To restore stability:

  1. Confirm the segment status in the NSX UI. If the segment is grayed out or shows a deletion in progress, it should be considered unreliable.

  2. Create a new NSX segment with the required configuration (VLAN, Overlay, Gateway, etc.).

  3. Migrate All VMs: Immediately migrate all VMs from the "Marked for Delete" segment to the new, healthy segment.
    • Note: Do not attempt to "fix" the existing segment or re-attach VMs to it, as the unbinding of the VNI is typically irreversible once the deletion process has reached the control plane.

  4. Once all VMs and ports have been migrated away, the orphaned segment should complete its deletion.

Additional Information

Refer also to (KB 368692) Deleted Segments show "In progress" in NSX UI

Powered by Wolken Software