Search the VMware Knowledge Base (KB)
View by Article ID

VM connectivity issues with error "Failed to fork child process" (2146890)

  • 0 Ratings
Language Editions


In a VMware NSX for vSphere 6.2.x environment with Distributed Firewall (DFW), you experience these symptoms:
  • Network traffic to/from virtual machine may fail.
  • In the /var/log/vsfwd.log file on the affected ESXi host where the virtual machine is running, you see entries similar to:

    vsfwd: [ERROR] Failed to fork child process: 28
    vsfwd: [ERROR] Failed to read Memory thresholds


Upgrading to VMware NSX for vSphere 6.2.5 resolves the issue.


The DFW Firewall process uses an inefficient method to spawn child processes and when over 50% of the allotted memory is used, the spawning would fail. This prevents the DFW Firewall process to carry out functions performed by the child processes.


This issue is resolved in VMware NSX for vSphere 6.2.5, available at VMware Downloads.

To work around this issue if you do not want to upgrade, reboot the ESXi host showing the vsfwd errors in the logs.

Note: If the over-subscribing was due to too many rules or Security Groups (SG):

In addition to rebooting the ESXi host, ensure to reduce the number of rules (or) increase the ESXi host memory.

See Also

Language Editions


Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.


  • 0 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.

What can we do to improve this information? (4000 or fewer characters)

Please enter the Captcha code before clicking Submit.
  • 0 Ratings