Unable to delete a segment in NSX-T 3.x because of an orphaned logical port
In my home lab, I was unable to delete a NSX-T segment because of a logical switch port that was occupied by an orphaned VM. In this blog post, I will show you how to detach/delete the logical port with a simple API call.
A while ago, I was testing the HCX product from VMware with a friend of mine. We created an IPSEC VPN tunnel between our Mikrotik firewalls and connected our HCX instances with each other. We completed our HCX tests, but we didn’t remove the service mesh at that time. The service mesh removal was initiated at some point (forced removal) by that friend of mine, but the appliances were not removed from my side, because my lab was powered off.
I decided to remove the HCX setup the dirty way (deleting HCX appliances, un-registering the extensions in MOB and removing the NSX-T segments that is being used by HCX), but that left me with two segments that were still occupied by the orphaned HCX appliances, and because of that, I couldn’t remove those segments.
As i mentioned before, I will use the API to remove the logical ports from the NSX-T Manager. First of all, you can find all the NSX-T API calls on the following page: https://code.vmware.com/apis/1083/nsx-t
Note: In this blog post, I’m not gonna explain how to configure the connectivity with a NSX-T manager in Postman.
In the picture below, you will see the two segments that was being used by the HCX setup. The segment “192.168.22.0/24” and “hcx-cc0c507c-2866-4a0”. You can also see that there are ports allocated on those segments.
As you can see, there is a HCX appliance connected to a logical port on the segment. The HCX appliance is already deleted from vCenter, but NSX-T is not liking this and it does not clear the port automatically.
Get a list of logical ports
We need to find the logical port ID and this can be done by running the following the following API call:
Make a note of the logical port ID as shown below.
Remove a logical port
We can now build the API call to remove the logical port. This can be done with the logical port ID we have noted down earlier. We also need to add ?detach=true at the end to do a force detach/delete.
The logical port will be cleared after a few seconds. After the removal of the logical ports, I was able to remove the segment.
I hope that this post will help you to be familiar with doing changes through the API. Some say that you can also remove the logical port from the manager mode view. I haven’t tried that out, but I will definitely try that out the next time when I have an orphaned logical port.
Congrats to all new @VMware @vExpert members this year!
Don't forget to claim your free sticker while stocks last! 😀