CPU identification (CPU ID) masks control the CPU features visible to the virtual machine guest operating system. Masking or hiding CPU features can make a virtual machine widely available to ESXi hosts for migration. vCenter Server compares the CPU features available to a virtual machine with the CPU features of the destination host to determine whether to allow or disallow migration with vMotion.
For example, masking the AMD No eXecute (NX) and the Intel eXecute Disable (XD) bits prevents the virtual machine from using these features, but provides compatibility that allows you to migrate virtual machines to ESXi hosts that do not include this capability. When the NX/XD bit is visible to the guest operating system, the virtual machine can use this feature, but you can migrate the virtual machine only to hosts on which the feature is enabled.
Prerequisites
Power off the virtual machine.
Procedure
- Right-click a virtual machine in the inventory and select Edit Settings.
- On the Virtual Hardware tab, expand CPU, and in the CPUID Mask drop-down menu, select an NX/XD option.
Option Description Hide the NX/XD flag from guest Hiding the NX/XD flag makes the guest operating system less secure. Use this option only as a solution for old operating systems that are not compatible with the NX/XD technology.
Expose the NX/XD flag to guest Keeps all CPU security features enabled. Keep current Advanced setting values for the NX/XD flag Uses the NX/XD flag settings specified in the CPU Identification Mask dialog box. - Click OK.