Dear Broadcom Customer:

The purpose of this Critical Alert is to inform you of a potential problem that has been recently identified with VMware NSX 4.2.0.  Please read the information provided below and follow the instructions in order to avoid being impacted by this problem.   

PRODUCT(S) AFFECTED:  VMware NSX 4.2.0

PROBLEM DESCRIPTION: 

• An ESXi host running NSX version 4.2.0 may experience a PSOD in nsxt-vsip module when processing DNS response contain empty domain string. The ESXi console will print the following stack trace shown below.
• This issue is observed in an environment where Security Intelligence is deployed or is configured with stateful L7 DNS rules in DFW

Figure-1

 
SYMPTOMS: When DNS server responds to a DNS query with empty domain name the response is not handled gracefully in NSX vsip module, resulting in ESXi host PSOD

IMPACT: ESXi host PSOD's and crashes. Host will have to be re-booted manually via ILO or IPMI
 
WORKAROUND: Please refer to KB Article 374611 for more details

PROBLEM RESOLUTION: The issue is resolved in NSX 4.2.0.1 Express Patch and later releases.

If you have any questions about this Critical Alert, please contact Broadcom Support.
 
Thank you,

Broadcom Support Team