Fenced vApps are broken in vCloud Director 8.x with NSX 6.3.x

 

Updated with a fix!

 

I’m a huge fan of vCloud Director and the amazing product that NSX is; that being said this is not a knock against vCD or NSX but rather more of a “PSA”. Using vCloud Director and NSX is fantastic aside from this little bug/known issue. If you use fencing in your vCD 8.x environment and NSX 6.2.x do not upgrade just yet. Please see the notes here in a VMware KB about why upgrading to NSX 6.3.x in a vCD 8.x environment will break fenced vApps.

Here is a snip from the KB itself

In NSX 6.3.x Edge Gateways, a new route table is introduced (table 251) which is always looked up first for routes. The main table (table 254) is looked up only when the table 251 does not have a route. The issue occurs because the device routes (a /32 route for vApp VM) are auto-plumbed to the main table, whereas table 251 already has a default route in it. Therefore, since the table 251 already has a default route, the lookup never happens on the main table and hence the fenced vApp virtual machines lose connectivity.

VMware is still working on a fix internally and I’ll try to update this blog once I know more about the fix and when it is released.

 

***UPDATE***

 

Please see the following release doc stating the Fencing issue is fixed in 6.3.2

http://pubs.vmware.com/Release_Notes/en/nsx/6.3.2/releasenotes_nsx_vsphere_632.html

Enjoy!

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s