CPU identification (CPU ID) masks control the CPU features visible to the virtual machine's guest operating system. Masking or hiding CPU features can make a virtual machine widely available to ESXi hosts for migration. vCenter Server compares the CPU features available to a virtual machine with the CPU features of the destination host to determine whether to allow or disallow migration with vMotion.
For example, masking the AMD No eXecute (NX) and the Intel eXecute Disable (XD) bits prevents the virtual machine from using these features, but provides compatibility that allows you to migrate virtual machines to ESXi hosts that do not include this capability. When the NX/XD bit is visible to the guest operating system, the virtual machine can use this feature, but you can migrate the virtual machine only to hosts on which the feature is enabled.
Turn off the virtual machine.
- Right-click a virtual machine in the inventory and select Edit Settings.
- On the Virtual Hardware tab, expand CPU, and in the CPUID Mask drop-down menu, select an NX/XD option.
Option Description Hide the NX/XD flag from guest
Increases vMotion compatibility.
Hiding the NX/XD flag increases vMotion compatibility between hosts, but might disable certain CPU security features.
Expose the NX/XD flag to guest Keeps all CPU security features enabled. Keep current Advanced setting values for the NX/XD flag Uses the NX/XD flag settings specified in the CPU Identification Mask dialog box. Enabled only when current settings specify something other than what is specified in the other NX/XD flag options, for example, if the NX/XD flag bit setting varies with processor brand.
- Click OK.