By rolling configuration changes back, vSphere protects hosts from losing connection to vCenter Server as a result from misconfiguration of the management network.

In vSphere 5.1 and later, networking rollback is enabled by default. However, you can enable or disable rollbacks at the vCenter Server level.

Host Networking Rollbacks

Host networking rollbacks occur when an invalid change is made to the networking configuration for the connection with vCenter Server. Every network change that disconnects a host also triggers a rollback. The following examples of changes to the host networking configuration might trigger a rollback:

  • Updating the speed or duplex of a physical NIC.
  • Updating DNS and routing settings.
  • Updating teaming and failover policies or traffic shaping policies of a standard port group that contains the management VMkernel network adapter.
  • Updating the VLAN of a standard port group that contains the management VMkernel network adapter.
  • Increasing the MTU of management VMkernel network adapter and its switch to values not supported by the physical infrastructure.
  • Changing the IP settings of management VMkernel network adapters.
  • Removing the management VMkernel network adapter from a standard or distributed switch.
  • Removing a physical NIC of a standard or distributed switch containing the management VMkernel network adapter.
  • Migrating the management VMkernel adapter from vSphere standard to distributed switch.

If a network disconnects for any of these reasons, the task fails and the host reverts to the last valid configuration.

vSphere Distributed Switch Rollbacks

Distributed switch rollbacks occur when invalid updates are made to distributed switches, distributed port groups, or distributed ports. The following changes to the distributed switch configuration trigger a rollback:

  • Changing the MTU of a distributed switch.
  • Changing the following settings in the distributed port group of the management VMkernel network adapter:
    • Teaming and failover
    • VLAN
    • Traffic shaping
  • Blocking all ports in the distributed port group containing the management VMkernel network adapter.
  • Overriding the policies on at the level of the distributed port for the management VMkernel network adapter.

If a configuration becomes invalid because of any of the changes, one or more hosts might become out of synchronization with the distributed switch.

If you know where the conflicting configuration setting is located, you can manually correct the setting. For example, if you have migrated a management VMkernel network adapter to a new VLAN, the VLAN might not be actually trunked on the physical switch. When you correct the physical switch configuration, the next distributed switch-to-host synchronization will resolve the configuration problem.

If you are not sure where the problem exists, you can restore the state of the distributed switch or distributed port group to an earlier configuration. See Restore a vSphere Distributed Port Group Configuration.