Traffic on the Passive Node IP Gets Interrupted Randomly if Both the Packet Filter and TrendMicro DeepScan 9.6 Filter Driver are Installed

Traffic on the Passive Node IP Gets Interrupted Randomly if Both the Packet Filter and TrendMicro DeepScan 9.6 Filter Driver are Installed

Summary

This Knowledgebase article provides information about a workaround when both the packet filter and TrendMicro DeepScan 9.6 filter driver are installed on the same network interface(s) causing connection failures on the passive node IP address.  

More Information

Symptom:

The traffic on the Passive Node IP address gets interrupted randomly if both Packet Filter and TrendMicro DeepScan 9.6 filter driver are installed

Cause:

When the DeepScan filter driver loads/starts/enables, it rebuilds the network stack causing the Public IP address (persistent property) to be enabled on the passive server. If this IP is then selected as source IP, because it is filtered on the passive server, it will cause a connection failure (normally, the node/management IP should be used as source IP).

Workaround:

The nfipmon.bat script fixes the issue of the network stack reloading on the passive server causing network disconnection. It should be configured as a running service on the passive server only (and stopped on the active). The steps to apply the workaround consist of:

 

  1. Having P/A=>S/-
  2. Download nfipmon_secondary.bat and nfipmon_primary.bat on the active server and copy them into C:\Protected folder (they will also replicate to the passive server).
  3. Edit the nfipmon_primary.bat with the Primary's public NIC name.
  4. Edit the nfipmon_secondary.bat with the Primary's public NIC name
  5. Set NIC_NAME="<Public NIC Name>"

    Note: You can use just one script, for example nfipmon.bat, if the public NIC has the same name on both the Primary and Secondary (for simplicity, we'll consider this scenario in the upcoming steps).
    1. Create a service of the script. You can do this by using nssm-2.24.zip.
    2. On each of the servers in the cluster:
      1. Unzip, copy the nssm.exe to your system32 folder.
      2. Create the service by running nssm install nfipmon
      3. Configure to reflect the following:
        1. Ensure that you link the service to the appropriate script depending on same/different public NIC names on Primary and Secondary servers
           NSSM Service Installer
        2. Service display name / description
          NSSM Service Installer
        3. Service Log on account
          NSSM Service Installer
      4. (optional) To debug what it's doing, configure the output page as well  NSSM Service Installer
      5. Click Install service.
      6. From vCSHB Management Console, add the service as a protected service, and configure it to run just on passive, as follows:

        Edit Service Dialog

 

Applies To:

VMware vCenter Server Heartbeat 6.6U1 and later with TrendMicro DeepScan 9.6 Filter Driver Installed

Additional Information:

None 

KBID-2969