• HCX Service Mesh tunnels intermittently go down.
• Multiple Service Mesh instances show a Down state.
• Tunnels may appear down in the HCX UI, but:
  • Bidirectional traffic over UDP port 4500 (IPsec) is still observed on IX uplinks.
• Issue may move across different Interconnect (IX) appliances.

VMware HCX

This issue occurs due to an incorrect subnet configured in the Network Profile associated with the affected Service Mesh.

To resolve the issue:

1. Identify the affected Service Mesh.
2. Delete the impacted Service Mesh or Update the Network Profile with the correct subnet configuration.
3. Redeploy the Service Mesh using the updated Network Profile.
4. Verify that all tunnels come up and remain stable.

There is no permanent workaround. However, the following may provide temporary relief:

• vMotion of Interconnect (IX) appliances may temporarily restore tunnel stability.
• Allowing time may result in transient recovery, but the issue can reoccur until configuration is corrected.