DDOSAttack

Symptoms
In NSX-v 6.4.0, you see these symptoms:

  • You see the error: “NSX Alert :Possible DHCP DOS attack on host. (ScreenShot Attached)
    NSX Alert DHCP DOS Attack

Cause

This issue occurs because a new DHCP DoS related security feature was introduced in NSX-v 6.4.0, that may report false positives.

Resolution
This is a known issue affecting VMware NSX for vSphere 6.4.x. Currently, there is no resolution.

Workaround

To work around this issue, disable these warning messages. You can disable these warning messages NSX Manager Central Command Line Interface.

  1. Login to The NSX Manager SSh Console via Admin . Check the Status for the Event Notification

get host event notification status

2

3. If its Set to True then you need to disable it via below Command.

set host event notification disable

3

As soon you disable it you need to go to the Web client or H5 Client for the vcenter and do the Acknowledge & Reset to Green alerts. It will clear the old event and no new alerts for the same will be created again  .

Leave a reply

required