Search the VMware Knowledge Base (KB)
View by Article ID

vsfwd connection to the NSX Manager fails (2146873)

  • 5 Ratings
Language Editions

Symptoms

  • vsfwd connection is CLOSED on the ESXi host.
  • Running the esxcli network ip connection list |grep 5671 command, you see entries similar to:

    tcp 53 0 10.20.2.56:23897 10.20.1.10:5671 CLOSED 75797 newreno vsfwd
    tcp 65480 0 10.20.2.56:32611 10.20.1.10:5671 CLOSED 75797 newreno vsfwd


    Note: For additional symptoms and log entries, see the Additional Information section.

Purpose

To work around this issue, contact VMware Support.

Cause

This issue occurs when /dev/random call is blocked which affects NSX operation on password generation.

Note: In certain conditions, the ESXi /dev/random call may get stuck on a loop and due to this, exiting fails.

Resolution

This is a known issue affecting VMware NSX for vSphere 6.2.x with ESXi 6.0 Patch Release, ESXi600-201608001 (Build 4192238).

This issue is resolved in ESXi 6.0 Patch Release, ESXi600-201610001.

If you encounter this issue, file a support request with VMware Support and quote this Knowledge Base article ID (2146873) in the problem description. For more information, see How to Submit a Support Request.

Additional Information

You experience these additional symptoms:
  • vsfwd process stuck with VMKAPI thread in WAIT status.

    ps -s |grep vsfwd
    75797 75796 vsfwd 75796 75796 75796 38519 UXN WAIT VMKAPI 0-39 0.25313 /usr/lib/vmware/vsfw/vsfwd


  • NSX Manager fails to push firewall rules on to the host.
  • Running the show log manager command on the NSX Manager, you see entries similar to:

    2016-08-25 15:53:30.044 BST ERROR firewallRespMonitoringThread ConfigurationPublisher:242 - Firewall provisioning failed on Host host-XXX for reason 301501:[1471967453250, host-XXX, 1471867527910]. Host is at generation -1

  • NSX Edge health check fails as vsfwd connection is CLOSED.
  • In the vsm.log file, you see entries similar to :

    2016-08-25 16:54:19.597 BST INFO edgeVseMonitoringThread SystemEventDaoImpl:133 - [SystemEvent] Time:'Thu Aug 25 16:54:19.590 BST 2016', Severity:'Medium', Event Source:'edge-XX', Code:'30033', Event Message:'NSX Edge VM not responding to health check.', Module:'NSX Edge Health Check', Universal Object:'false'
    2016-08-25 16:54:19.621 BST INFO edgeVseMonitoringThread SystemEventDaoImpl:133 - [SystemEvent] Time:'Thu Aug 25 16:54:19.616 BST 2016', Severity:'Critical', Event Source:'edge-XX', Code:'30034', Event Message:'None of the NSX Edge VMs found in serving state. There is a possibility of network disruption.', Module:'NSX Edge Health Check', Universal Object:'false'


  • In the /var/log/vsfwd.log file of the ESXi host, you see entries similar to:

    2016-08-25T19:43:53Z vsfwd: [ERROR] Queuing as Unable to Write 295 Bytes for VMCI Client For Client Type VMCI error ret -1 errno 107
    2016-08-25T19:45:50Z vsfwd: [ERROR] recv error: 104
    2016-08-25T19:45:53Z vsfwd: [ERROR] recv error: 104
    2016-08-25T19:45:59Z vsfwd: [INFO] Find new password, !!EXITING!!
    2016-08-25T19:46:03Z vsfwd: [INFO] Ending VMCI CLIENT Listen Thread
    2016-08-25T19:46:05Z vsfwd: [ERROR] Exiting on Error: 97 status 0 exitStatus -1


    Note: The preceding log excerpts are only examples. Date, time, and environmental variables may vary depending on your environment.
To be alerted when this article is updated, click to Subscribe to Document in the Action box.

See Also

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 5 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.

What can we do to improve this information? (4000 or fewer characters)




Please enter the Captcha code before clicking Submit.
  • 5 Ratings
Actions
KB: