VMware Horizon Community
jmatz135
Hot Shot
Hot Shot
‎10-20-2017 01:21 PM

Horizon 7.3.1 Instant Clone Pool not using parent VM network port network is blocked

We upgraded to Horizon View 7.3.1 and we have a few instant clone pools that have the network port group not the same as the parent VM.  Previously in 7.2 and 7.1 this was fine, but since going to 7.3.1 the network card on the VMs would be blocked by the port group security unless we switch the security on the port groups to:
MAC address changes: accept

Forged Transmits: accept

Obviously this isn't ideal, so does anyone have any ideas why this would have happened or any suggestions on a workaround other than changing the security settings on the port groups?

0 Kudos
7 Replies
ESXi_Jon
Contributor
Contributor
‎10-23-2017 06:02 AM

Possibly this KB?

https://kb.vmware.com/kb/2150925

We are testing out View 7.3.1, and part of the test was upgrading our QA vCenter to 6.5. Unfortunately our QA hosts do not support ESXi 6.5 and we encountered instant clone provisioning errors with the mis-matched version environment. Right now we are only running linked clones due to the incompatibility.

I didn't test the changes you reference to the port group, but may give that a try just to see what happens and try to get a small instant clone pool going.

0 Kudos
jmatz135
Hot Shot
Hot Shot
‎10-23-2017 06:22 AM

No it isn't that issue.  All of our port groups are distributed switch static binding port groups that are not ephemeral. 

0 Kudos
ESXi_Jon
Contributor
Contributor
‎10-23-2017 08:13 AM

We were using static binding too, as ephemeral is not supported with instant clones. I sent logs over and support showed it was that bug (KB I posted) within a few hours.

I just tried changing my port group with what you listed in the original post and still have the issue, cloned desktops fail with the resource in use error.

Seems like we are dealing with different issues. Good luck getting yours resolved.

0 Kudos
GoldTop
Enthusiast
Enthusiast
‎10-26-2017 01:01 PM

I am seeing the same thing.  Upgraded to 7.3.1 from 7.0.3 to get the multi VLAN functionality and have the same behavior.

Have you logged a support ticket as of yet?

0 Kudos
jmatz135
Hot Shot
Hot Shot
‎10-26-2017 01:06 PM

I do have a support ticket in and the engineer watched the issue occur and has acknowledged that it is an issue.  Have not heard back since though.

0 Kudos
GoldTop
Enthusiast
Enthusiast
‎10-27-2017 06:24 AM

I will get this logged too.

0 Kudos
mmonkman
Enthusiast
Enthusiast
‎01-09-2018 02:17 PM

Hi.  Was this ever resolved?  I have the same issue regarding the port blocking and it's affecting Instant Clones with VMXNET3 vmnics.

Changing PG security to accept MAC addresses and forged transmits fixes it but i'm concerned about the security risk this introduces.

Tested with the E1000 vmnic and it works perfectly to multiple VLAN's without having to change the PG security.

Cheers

0 Kudos