Monday, January 7, 2013

vMotion Error: Different offload or security policy

While working in the vSphere environment today, I tried to do a typical vMotion and encountered the following error:

Currently connected network interface 'NIC_NAME' uses network 'VM_Network_Name', which is configured for different offload or security policies on the destination host than on the source host.

Upon further investigation, I discovered that the network securities were different on both the source host and the destination host (DUH!). As the vSphere environment was originally configured by consultants, I was unaware that they changed the default security policies to:

Promiscuous Mode: Accept
MAC Address Changes: Accept
Forged Transmits: Accept

To fix this issue, the settings on both hosts had to match. The first place I changed the security settings were the security settings within the vSwitch:


Next, I removed the security exceptions under the listed VM network.


When both these settings changed back to the default (so that the source and destination hosts had matching security policies), vMotion was available once again.

No comments:

Post a Comment