Yes, the button name is "Rectify the state.....". I pushed it already many times. The result is "success", but still difference.

But now I find out even more strange thing. VM-s in this portgroup flow through new VLAN id, but vmkernel still uses no-vlan. When I look into ports table, I see vmkernel uses two ports in the same portgroup. One with new set VLAN id and other is trunk, altough previous it was "no vlan". What the heck. .....So, now I ask - how I can then successfully change vmkernel portgroup VLAN id? Seems vCenter wasnt changed it.

You can change it one of 3 ways.  Through the esxcli interface, through the web client or the windows client.  which way are you trying to change it?  Also are you trying to change the id number or create a new id?

vCenter 6.7 dont have windows client. Web client I already tried. Operation was unsuccessful, unsync warning stay, portgroup shows new VLAN id, VM-s in this portgroup start using new VLAN id, vmkernel adapter stay using old VLAN, port table shows duplicate ports.

Hi there,

When I’ve reached this state in the past, only a couple of things have fixed it and I’m sure you have already tried at least one of them:

1. Restart the host and wait for 5 minutes for the sync to be tried again.
2. Remove the host from the dvs and re-add.

Kind regards.

>>>Restart the host and wait for 5 minutes for the sync to be tried again.

Why sync needs restart? And why 5min? When sync operation declares "success" already. Sounds like Windows 3.1

>>>Remove the host from the dvs and re-add.

Looks not very possible. First there are lots of VMs with vNIC-s, with share settings and then I must manually set them all back to right place. Ok, I can use profile save, but Im not 100% sure. Because there runs also NSX, NSX manager, controller, 2x edge.

Why sync needs restart?

It doen't normally however you might have some issues going on your ESXi hosts which a restart may resolve.

And why 5min?

The vDS information is stored locally and synchronized with vCenter. It makes no sense to do this continuously so having a periodic sync period to make sure the vDS information is correct make sense

Sounds like Windows 3.1

No comment.

Looks not very possible. First there are lots of VMs with vNIC-s, with share settings and then I must manually set them all back to right place. Ok, I can use profile save, but Im not 100% sure. Because there runs also NSX, NSX manager, controller, 2x edge.

Do you not have another ESXi host that you can vMotion these VMs to so that you can at least restart the affected host?

Reference added: https://kb.vmware.com/s/article/2042692

Its not restart problem. The problem is that probably vCenter is not at all allowed to do this kind of operation. Because when it changes VLAN or moves vmkernal to other portgroup, there is always some time interval when ESXi is disconnected. And vCenter timeout operation or rollback. Have you yourself done it?

I was meant I dont want to remove ESXi from inventory and from vDS, its dangerous operation. Because it clears information from vCenter. When I add it back, then it dont restore vDS (ESXi is not member anymore, it dont join back automatically), resource allocations, vApps, NSX and lots of stuff. I can remediate this info from previously saved profile, but Im not sure are all stuff there. Maybe something still missing. I doed it once and it seems restored all stuff, but I havnt then also NSX. I have no idea what NSX think about this removal........And this 5 min, when I manually run sync and it completes with success, then I think it dont wait 5 min, but sync it immediately. Altough in reality it wasnt synced. And when I set vlan back to previous (none), then all becomes normal again and in ports table no anymore duplicates. It mean clearly - vCenter is unable to process any kind of operations with vmkernel adapter. Maybe, when uplink goes directly through ESXi uplink (not through VM firewall) then maybe it can process. Or maybe when I have 2 physical uplink cards. Or maybe vCenter just looks that there is no connection between portgroup and ESXi uplink.

Problem solved. I shut down all VMs (also NSX), made restart, run Mikrotik firewall in VM and then moved vmkernel to new portgroup with VLAN. No errors and its there. So, I dont know why previously happens this rollback. Do restart helps or helps shutting down all NSX stuff. Maybe NSX prevents this move.

I went through every VMware KBA and this was the only method that worked. It was also much simpler.

We got this error after a switch failed and caused the cluster to 'split brain' the vDS