VMware ESXi 3.5, Patch ESXe350-201002401-I-SG: Updates firmware (1017685)
Release Date: February 16, 2010
Note: The three ESXi patches for Firmware "I", VMware Tools "T," and the VI Client "C" are contained in a single offline "O" download file.
- When the LSI controller on a storage array gets into an error state, all I/O requests fail with the status CHECK CONDITION (0x2), with sense key NOT READY(0x2), and ASC/ASCQ indicating LOGICAL UNIT IS IN PROCESS OF BECOMING READY (04h/01h). Currently, the ESXi host re-issues the I/O requests to the same failed controller. This fix enables the ESXi host to recognize the above status and sense keys, and perform a storage failover of the LUNs to another available storage controller.
When an ESXi host is connected to a storage array with LSI controllers and the storage controller fails, all I/O operations to the LUNs exported by that controller stop. The guest operating systems in virtual machines that perform I/O operations to these LUNs report errors and possibly fail or have the file systems marked as read-only.
- After restarting an ESXi host, some NFS datastores might appear inaccessible through the user interface although they are mounted and accessible through the command line interface. This issue is more likely to occur if an NFS datastore is configured using a host name or a fully qualified domain name (FQDN) that requires DNS name resolution.
- The Network Time Protocol (NTP) is used to synchronize a computer's time with a referenced time source. A buffer overflow flaw was discovered in the ntpd daemon's NTPv4 authentication code. If ntpd is configured to use public key cryptography for NTP packet authentication, a remote attacker could use this flaw to send a specially crafted request packet that could cause ntpd to fail, or potentially, execute arbitrary code with the privileges of the ntp user. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-1252 to this issue.
- The network connection might be lost when you use Broadcom BCM57710, BCM57711, BCM57711e (bnx2x) NICs. This occurs when the data packets received are larger than the configured MTU size.
- ESXi fails in the aacraid_esx30 driver when handling synchronous commands. This issue is caused by a deadlock in the driver when interrupts are shared between the Adaptec controller and the service console.
ESXi fails and the stack trace is displayed with Exception type 6 error code.
- When the interconnect bay of Virtual Connect is turned off, sometimes the virtual NICs in ESXi 3.5 are shown as up, even though they should be shown as down. This issue occurs when you use Broadcom NetXtreme II 10 Gigabit Ethernet network cards on the HP Virtual Connect Flex-10 Ethernet switch.
- When using N_Port ID Virtualization (NPIV), if the LUN on the physical HBA path is not the same as the LUN on the virtual port (VPORT) path, even though the LUNID:TARGETID pairs are the same, I/O might be directed to a wrong LUN, causing data corruption. For more details, refer KB 1015290. This patch fixes the issue by comparing the unique ID of the LUN on the physical HBA path with the unique ID of the LUN on the VPORT path. If the IDs do not match, then NPIV is disabled for that LUN.
- SNMP traps such as UP or DOWN are not generated for events in ESXi 3.5, when the network link becomes active or inactive for the vNIC that is in a NIC team.
If you want to enable this fix, you should set the value of the NoTransDelay parameter to 1, after applying this patch.
To set the value of NoTransDelay to 1:
- In the VI Client, select the Configuration tab.
- Click Advanced Settings link
- Select Net in the Advanced Settings window.
- Enter the value 1 for the NoTransDelay parameter.
- When you power on blade servers that are connected to SAS switch blade, the blade servers fail to start, displaying a purple screen. This occurs on IBM DS3200 System Storage.
- When you try to perform LUN resets for SAS devices, the mptscsi_2xx driver sends a target reset. The issue occurs because the mptscsi_2xx driver does not support LUN reset for SAS devices.
- Virtual machine stops responding when a storage controller link error occurs in an iSCSI setup.
After installing this patch, you can configure the value of the ActiveTimeout parameter of the software iSCSI initiator. This parameter controls the time taken by the software iSCSI initiator to detect storage controller link errors. When the software iSCSI initiator is connected to arrays with LSI controllers such as IBM TotalStorage FAStT Storage Server, changing the ActiveTimeout to a lower value might resolve the I/O issues that appear in the guest operating system.
Note: Contact VMware technical support to configure the ActiveTimeout value.
- The ata_piix driver is unable to claim SATA resources and control the CD-ROM devices.
After you install ESXi 3.5 Update 3 on an HP Proliant DL580 G5 Server, when the HP Proliant DL580 G5 Server boots up for the first time, ESXi host does not recognize the SATA CD-ROM device and is not able to read any CDs in the drive.
- When ESXi hosts are properly configured and connected to a SAN and there is a storage disruption, the ESXi storage layer is expected to handle the disruption by failing over to an alternate path to the SAN without any effect on the guest operating systems running inside the virtual machines. However, when the storage array used has LSI controllers, the ESXi storage layer failover takes a long time and causes I/O disruptions visible to the guest operating systems inside the virtual machines. This patch makes the ESXi storage layer successfully complete the storage failover in all cases within 60 seconds.
When ESXi 3.5 hosts are connected to storage arrays with LSI controllers (for example, IBM FastT storage arrays) and there is a storage disruption such as a controller failure or a switch failure, the following symptoms might be seen:
- File systems of the guest operating system running in a virtual machine might report errors and get marked as read-only.
- Applications of the guest operating system running in a virtual machine might report I/O failures.
None beyond the required patch bundles and reboot information listed in the table, above.
Patch Download and Installation
ESXi hosts can also be updated by downloading the most recent "O" (offline) patch bundle from http://support.vmware.com/selfsupport/download/ and installing the bundle using VMware Infrastructure Update or by using the vihostupdate command through the Remote Command Line Interface (RCLI). For details, see the ESX Server 3i Configuration Guide and the ESX Server 3i Embedded Setup Guide (Chapter 10, Maintaining ESX Server 3i and the VI Client) or the ESX Server 3i Installable Setup Guide (Chapter 11, Maintaining ESX Server 3i and the VI Client).