Recently I’ve redeployed my lab’s HCX from R137 to the R138 version and after that, I am not able to extend the network which I can extend prior to the redeployment. Why I did the reinstallation of the HCX is because in my lab, I’ve exceeded the capped number for 20 migration tasks only allowed using the NSX Data Center trial license for the HCX activation. So I unextended the Network, deleted existing Service Mesh, disconnected Site Paring to VMware Cloud on AWS, and reinstalled all the HCX components in my lab.
After successfully re-created the Service Mesh, when it comes to configure the Network Extension, the HCX actually showed me the following screen, all portgroup selections have been grayed-out, I can’t select any networking portgroup in my DVS for the extension, so, what happened?
The original setup
You can see from the below that I can extend the “DPortGroup” network to my VMC network segment before the re-deployment,
After the re-deployment
When I’d like to re-extend the original portgroup, I got the following all protgroups greyed-out screen.
I tried to reinstall HCX, recreate the Compute/Network profiles, and Service Mesh from both my lab and VMC sides, but all got the same result, it wasted me lots of time to finally find the root cause and overcome this problem, so, I think it’s worth of my time to come out this short blog to prevent someone from going through this pain again.
The root cause
As per the HCX release notes:- https://docs.vmware.com/en/VMware-HCX/services/rn/VMware-HCX-Release-Notes.html.
- Serviceability Enhancements
- With this release, the HCX Network Extension service prevents several non-supported Network Extension scenarios. For each scenario, the networks will be grayed out in the Network Extension User Interface:
- The vSphere Infrastructure (ESXi VMkernel) networks cannot be extended. HCX should only be used to extend virtual machine networks.
- HCX Network Profile networks cannot be extended. HCX Network Profiles should not be created using virtual networks that will be extended.
- Trunk networks cannot be extended.
- Untagged vSphere networks cannot be extended.
- With this release, the HCX Network Extension service prevents several non-supported Network Extension scenarios. For each scenario, the networks will be grayed out in the Network Extension User Interface:
As of service update R138 new usability enhancements have been implemented in the HCX UI to ensure security compliance.
I observed in my lab infra, VLANs are all untagged! This is now an unsupported configuration in HCX.
So I changed the PG to use VLAN number 1.
Now I can see HCX allow me to choose the right portgroup with tagged VLAN number!
I can now successfully create my network extension just like before.
The HCX Network Extension appliance connected to the correct PG.
Lesson learnt
- Since VMware updates HCX version so frequently, when you plan to upgrade your HCX, remember to check the respective release notes to ensure you don’t miss any new HCX serviceability enhancement perquisite.
- The following are NOT allowed for Network Extension
- The same VLAN twice to the same target
- Untagged VLANs
- VMkernel or cluster segments
- Network Profile segments (Mgmt, Uplink, vMotion, VR)
- Check HCX configuration maximums for VMware Cloud on AWS.
Hope this help you a bit in configuring the HCX network extension, thank you!
We're virtually connected everywhere! On-Premise, Hybrid or Multi-Cloud! 