for i in `vsish -e ls /net/dvFilter/slowpaths`; do vsish -e cat /net/dvFilter/slowpaths/${i}stats; done
dvFilter slow path agent stats {
kernel_rx:64321
kernel_tx:64321
user_rx:64321
user_tx:64321
}
dvFilter slow path agent stats {
kernel_rx:759598
kernel_tx:758029 <<<<
user_rx:759598
user_tx:759598
}
When traffic is in a blocking state, restarting the nsx-vdpi service on the ESXi host will temporarily resolve the issue
/etc/init.d/nsx-vdpi restart
For environments not yet upgraded to ESXi 7 Update 2, the following workaround can be used.
Note: this workaround resolve the ESXi side issue only and the NSX software fix is still required for a complete workaround.
Configuration change at ESXi level that will prevent the traffic blocking condition while allowing the NSX-T features to function as normal
a. Log into each ESXi and run the following command:
esxcfg-advcfg --set-kernel "FALSE" netPSBlockableLock
b. Reboot the ESXi host
c. Verify the change:
esxcfg-advcfg --get-kernel netPSBlockableLock
Note: There is no known performance impact caused by applying the above configuration.