VMware NSX 4.1.2.5 | 30 JUL 2024 | Build 24150840

Check for additions and updates to these release notes.

What's New

NSX 4.1.2.5 is an update release that comprises bug fixes only. See "Resolved Issues" for the list of issues resolved in this release. See the VMware NSX 4.1.2 Release Notes for the list of new features introduced in NSX 4.1.2 and for the current known issues.

Compatibility and System Requirements

For compatibility and system requirements information, see the VMware Product Interoperability Matrices and the NSX Installation Guide.

Upgrade Notes for This Release

For instructions about upgrading NSX components, see the NSX Upgrade Guide.

Customers upgrading to this release are recommended to run the NSX Upgrade Evaluation Tool before starting the upgrade process. The tool is designed to ensure success by checking the health and readiness of your NSX Managers prior to upgrading. The tool is integrated into the Upgrade workflow, before you begin upgrading the NSX Managers.

NOTE: The upgrade path from NSX 4.1.2.5 to NSX 4.2.0 / VCF 5.2.0 is blocked and will be supported in upcoming NSX and VCF releases.

Upgrade Integration Issues Due to Download Site Decommission

The NSX upgrade experience is impacted due to the decommissioning of downloads.vmware.com. See knowledge base article 372634 before upgrading.

Available Languages

Beginning with the next major release, we will be reducing the number of supported localization languages. The three supported languages will be:

  • Japanese

  • Spanish

  • French

The following languages will no longer be supported:

  • Italian, German, Korean, Traditional Chinese, and Simplified Chinese.

Impact:

  • Customers who have been using the deprecated languages will no longer receive updates or support in these languages.

  • All user interfaces, help documentation, and customer support will be available only in English or in the three supported languages mentioned above.

Because NSX localization utilizes the browser language settings, ensure that your settings match the desired language.

Document Revision History

Revision Date

Edition

Changes

July 30, 2024

1

Initial edition

Resolved Issues

  • Fixed Issue 3413790: CRUD operations for Logical Switches might not sync with vSphere if they are in a Failed state.

    The process that automatically retries failed operations is not working properly.

  • Fixed Issue 3401906: Changes to Global Manager certificates are not applied until after Global Manager restarts.

    Customers are unable to view Local Manager statistics and other metrics from Global Manager.

  • Fixed Issue 3399792: VMs are still present in groups even though their tags have been deleted.

    After VM tags are removed, group membership is not reflected correctly.

  • Fixed Issue 3411983: The memory usage on Manager node has reached the high threshold value of 90%.

    Memory usage on NSX might exceed 90% causing potential business impacts such as system slowdowns or instability.

  • Fixed Issue 3399513: NSX Federation Local Manager certificates are not propagating to GM.

    In a federated environment after upgrading LM from version 3.1 to 3.2 without upgrading GM to 3.2, site switcher becomes unavailable due to a stale certificate.

  • Fixed Issue 3374903: core.dp-fw-dispatch coredump observed on Edge during and after upgrade.

    Customer will see a core alarm. No impact on functions. Configuration would be reapplied.

  • Fixed Issue 3410293: OVF certificate validation failed while deploying an Edge using NSX 4.1.0.

    The customer is unable to upgrade an Edge node from NSX 4.1.0.

  • Fixed Issue 3400256: Network performance with NetQ RSS is low with multiple uplinks on a host switch configured with “Enhanced Datapath” (EDP) or “Enhanced Datapath Performance”.

    VM requesting NetQ RSS or VMKNIC performance could be low when a host switch is configured with EDP and has multiple uplinks.

  • Fixed Issue 3399505: Service configuration resource refers to a logical router UUID that no longer exists in the system causing exceptions in the UI search.

    NSX Policy API fails.

  • Fixed Issue 3399507: In an upgraded setup, post APH_TN certificate replacement, there is a possible manager-host disconnection and high disk usage alarm due to a lot of tmp files.

    Possible manager<-> host disconnection high disk usage alarm, if a lot of tmp files are created under /etc/vmware/nsx-appl-proxy.

  • Fixed Issue 3402214: GM and LM sync shown disconnected after upgrade to 4.1.x

    Unable to publish new firewall rules from global manager.

  • Fixed Issue 3404005: Host upgrade status regresses due to failed post-upgrade checks after upgrade-coordinator JVM is restarted.

    Cannot proceed to next phase of the NSX upgrade.

  • Fixed Issue 3396943: Edge upgrade fails leaving all the NICs on the edge virtual machine disconnected post powering ON the edge virtual machine.

    Edge upgrade will fail.

  • Fixed Issue 3404006: Component upgrade status changes to “Paused / Not started / Failed” from Success if any MP or Host is down post upgrade.

    Cannot proceed to next phase of the NSX upgrade.

  • Fixed Issue 3399512: Duplicate certs associated with CBM_API and CBM_CSM services.

    No impact as these are internal certs. Customers will see notifications about expired certs.

  • Fixed Issue 3396940: After an MP2Policy promotion, non-default services are removed from the DFW rules.

    Traffic is blocked by DFW rules after an MP2P promotion as the non-default services that were previously associated to DFW rules are removed.

  • Fixed Issue 3402846: Connection between TN-APH will not establish due to certificate failure.

    Customer cannot perform any operations since the TNs are unreaachable from Manager.

  • Fixed Issue 3399521: On Global Manager, Async Replicator service to APH may encounter RPC message delivery failure issue when AR and APH connection retries occur.

    LM-GM will be disconnected.

  • Fixed issue 3396931: After an MP to policy promotion, the guestuser1 is not allowed to modify the DFW section/rule.

    Customer will not be able to edit the section/rule after an MP2Policy migration.

  • Fixed Issue 3401358: A previous attempt to lessen the load on the vIDM server disabled the ability to refresh the users' access tokens resulting in the need to login again.

    Unexpected logout requiring reauthentication.

  • Fixed Issue 3396929: NCP is crashing on master VMs during MP2Policy migration when the cluster is rebooted.

    NCP migration will fail to migrate to Policy.

  • Fixed Issue 3400259: Packet drop are noticed on pNIC even though there are enough CPU cycles left in the host with ENS Enabled.

    Customers may see varying throughput.

  • Fixed Issue 3399999: ENS cannot use more than 4 RSS queues per engine.

    Due to the hard limit on the number of RSS queues, RX throughput might be throttled.

  • Fixed Issue 3398821: Application of a new certificate for CMBU_CORFU certificate type does not come into effect on GM nodes.

    Customers trying to use CA signed certificate for CBM_CORFU, will see that the CA signed certificate doesn't get used internally.

  • Fixed Issue 3410161: When site was getting offboarded, in some cases, the site's flow status in the datastore was not getting cleaned up properly.

    Offboarding and then re-onboarding sync between GM and LM might not work.

  • Fixed Issue 3396924: MP2P feedback response shows incorrect results. It shows "mp_id" as "LOGICAL_SWITCH", a jumbled error_desc, and an incorrect type.

    NCP migration will fail to migrate to Policy.

  • Fixed Issue 3396921: VMs created as part of vcLS2.0 are not tagged as SYSTEM_VM.

    "Type" of Embedded-vCLS VMs will be incorrect that would cause incorrect members being shown as part of groups.

  • Fixed Issue 3401356: IDFW feature is disabled when a non-default project is created.

    When a new non-default project is created, IDFW feature gets disabled and existing IDFW rules are disabled in default project.

  • Fixed Issue 3401350: Application failure alarm on Edge node with segmentation fault backtrace.

    NSX Edge might experience a failure in datapathd process when VLAN-backed switch ports were configured with firewall rule.

  • Fixed Issue 3401349: DFW exclusion list not applied as expected to VMs.

    The DFW exclusion list might be affected and not function correctly if NSX versions 3.2.0.1 or 3.2.1 have been installed in the environment at any point. This might cause the components in the exclusion list to be inadvertently applied with DFW rules.

  • Fixed Issue 3401347: nsx-exporter process on host might fail while retrieving flow records from kernel.

    Exporter zdump was observed and application failure alarm was raised. User will not see any other notable functional impact.

  • Fixed Issue 3396942: NSX Edge memory problem with NAPP.

    When NAPP is onboarded, requests made from NAPP to the NSX Edge can cause a memory leak in the Edge datapathd process.

check-circle-line exclamation-circle-line close-line
Scroll to top icon