
Recognizing the behavior of vDS auto-rollback
Starting with vSphere 5.1, it is possible to prevent misconfiguration of the management network and automatically recover the previous configuration by using rollback and recovery support, available on both vDS and vSS, as described in VMware KB 2032908, "Understanding network rollback and recovery in vSphere 5.1 and later" (https://kb.vmware.com/s/article/2032908).
By rolling configuration changes back, vSphere protects hosts from losing connection to the vCenter Server as a result of misconfiguration of the management network.
There are two different types of auto-rollback: (host) networking rollback and vDS rollback.
A vDS rollback happens when invalid updates are made to vDS, dvPorts, or distributed ports for one of these changes:
- Changing the MTU of a distributed switch
- Changing the following settings in the distributed port group of the management VMkernel network adapter:
  - Teaming and failover
  - VLAN
  - Traffic shaping
- Blocking all ports in the distributed port group containing the management VMkernel network adapter
- Overriding the policies at the level of the distributed port for the management VMkernel network adapter
Rollback is enabled by default in vSphere 5.1 and later. You can disable rollback by editing the vpxd.cfg configuration file of vCenter Server directly.
In the <network> element, set the <rollback> element to false:
<config>
  <vpxd>
    <network>
      <rollback>false</rollback>
    </network>
  </vpxd>
</config>
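Because disabling rollback removes the protection against losing the management connection, it is worth checking for in a configuration audit. The following Python check is an added example, not code from the original page or from VMware; it reads the text of a vpxd.cfg file and reports the effective rollback state, and its function names and sample XML strings are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample inputs (not copied from a real vCenter Server).
SAMPLE_DISABLED = ("<config><vpxd><network><rollback>false</rollback>"
                   "</network></vpxd></config>")
SAMPLE_DEFAULT = "<config><vpxd><network/></vpxd></config>"


def rollback_state(cfg_text):
    """Return (enabled, reason) for the rollback setting in vpxd.cfg text.

    enabled is True, False, or None when the file needs manual review.
    An absent <rollback> element means the default applies; rollback is
    enabled by default in vSphere 5.1 and later.
    """
    try:
        root = ET.fromstring(cfg_text)
    except ET.ParseError as exc:
        return None, "unparseable vpxd.cfg: %s" % exc
    if root.tag != "config":
        return None, "unexpected root element <%s>" % root.tag
    nodes = root.findall("./vpxd/network/rollback")
    if not nodes:
        return True, "no <rollback> element, default (enabled) applies"
    if len(nodes) > 1:
        return None, "multiple <rollback> elements, effective value is ambiguous"
    value = (nodes[0].text or "").strip().lower()
    if value == "false":
        return False, "rollback explicitly disabled"
    if value == "true":
        return True, "rollback explicitly enabled"
    return None, "unrecognized <rollback> value %r" % value


def audit(cfg_text):
    """Return a one-line finding for a configuration-drift report."""
    enabled, reason = rollback_state(cfg_text)
    status = {True: "OK", False: "FINDING", None: "REVIEW"}[enabled]
    return "%s: %s" % (status, reason)


if __name__ == "__main__":
    for name, text in (("disabled", SAMPLE_DISABLED), ("default", SAMPLE_DEFAULT)):
        print(name, "->", audit(text))
```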
Note that you can connect directly to a host and use the DCUI to fix the invalid configuration of the management network.
For more information, see the vSphere 6.5 Networking guide (https://docs.vmware.com/en/VMware-vSphere/6.5/com.vmware.vsphere.networking.doc/GUID-8BA411A4-8582-4C02-8489-D3D7D09A9BF0.html).