VMs on L2 extended segments unable to communicate when MON is enabled due to missing Local Egress (LE) flag.

Article ID: 404846

Products

VMware HCX

Issue/Introduction

  • VMs connected to different L2 extended segments are unable to communicate with each other.
  • HCX MON (Mobility Optimized Networking) is enabled at the VM level. When MON is turned on, there is 100% packet loss and ping does not work.
  • Disabling MON restores normal traffic flow through the on-premises gateway.

Environment

VMware HCX

Cause

  • During MON enablement at the VM level, the remoteRtr property on the VM's logical port on the ESX host sets the Local Egress (LE) flag for routing.
  • If the Local Egress (LE) flag isn't set on a VM’s port, its traffic will be dropped.

Resolution

Workaround:

  • To restore the missing LE flag, change the router location of the impacted VMs to 'on-prem' and then back to cloud. This process has to be completed for both the source and the destination VMs.
  • To set the Target Router Location for each MON-enabled VM:
    Select a VM and expand the row.
    Set the Target Router Location for the VM by selecting the destination option from the drop-down menu. Click Submit.

Additional Information

The Local Egress (LE) flag at the VM port level can be verified from the ESXi host running these VMs by using the net-dvs command.

# net-dvs -l | grep "com.vmware.nsx.port.extraConfig.remoteRtr" | grep "<gateway address>"

Non-working VM port sample:

com.vmware.nsx.port.extraConfig.remoteRtr =: "10.#.#.1 02:##:##:##:43:58 02:##:##:##:44:52 00:00:00:00:00:00" <-----LE flag is missing

Working VM port sample:

com.vmware.nsx.port.extraConfig.remoteRtr = "10.#.#.1 02:##:##:##:43:58 02:##:##:##:44:52 00:00:00:00:00:00 LE" ,  propType = POLICY
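The check above can be scripted so that every remoteRtr entry for one gateway is classified in a single pass. This is an added example, not code from the article or from VMware: the function names, the OK/MISSING_LE labels and the exit codes are this example's own conventions, and it assumes the gateway address is the first field of the quoted value and LE is the last, as in the two samples above.

```shell
#!/bin/sh
# Added example (not VMware tooling): classify remoteRtr lines by LE flag.
# On an ESXi host:  net-dvs -l | check_le_flag "<gateway address>"
# Returns 0 if every matching port carries LE, 1 if any port lacks it,
# 2 if no remoteRtr line matched the gateway (hypothetical convention).
check_le_flag() {
    awk -v gw="$1" '
        /com\.vmware\.nsx\.port\.extraConfig\.remoteRtr/ {
            # The property value is the first double-quoted string on the line.
            if (split($0, q, "\"") < 3) next
            n = split(q[2], f, " ")
            # Exact match on the first field, so 192.0.2.1 does not also
            # select 192.0.2.10 the way a plain substring grep would.
            if (n < 1 || f[1] != gw) next
            seen++
            if (f[n] == "LE") {
                print "OK " q[2]
            } else {
                print "MISSING_LE " q[2]
                bad++
            }
        }
        END {
            if (seen == 0) exit 2
            if (bad > 0) exit 1
            exit 0
        }'
}

# Constructed sample lines in the shape shown in the article; the
# addresses and MACs are made-up documentation values, not real output.
sample_lines() {
    cat <<'EOF'
com.vmware.nsx.port.extraConfig.remoteRtr = "192.0.2.1 02:00:00:00:43:58 02:00:00:00:44:52 00:00:00:00:00:00 LE" ,  propType = POLICY
com.vmware.nsx.port.extraConfig.remoteRtr = "192.0.2.1 02:00:00:00:43:58 02:00:00:00:44:52 00:00:00:00:00:00" ,  propType = POLICY
com.vmware.nsx.port.extraConfig.remoteRtr = "192.0.2.10 02:00:00:00:43:58 02:00:00:00:44:52 00:00:00:00:00:00" ,  propType = POLICY
EOF
}
```

Run it for the gateway of each source and destination VM after toggling the Target Router Location; a non-zero exit means the workaround has not yet taken effect on at least one port.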