Visitors

Trend Micro DSVA error: dsvatool failed to config i/f (256)

I had an issue when during morning checks quite a few VMs reported “Communication Error”. On a close inspection all of them were running on a particular ESX host. DSVA’s status was “Component Update Failure”. Restart of the DSVA did not help. I vMotioned all VMs off that host and tried to deactivate DSVA but it failed. I also tried to re-activate DSVA and it got stuck on “Updating Components” again. When I rebooted DSVA, I completely lost communication to it. I noticed that it did not pickup DHCP address. When I tried to enable DHCP [X] and save Management Network Configuration, I got “dsvatool failed to config i/f (256)” error message:

I pressed OK, DSVA received DHCP address but Primary and Secondary DNS server IP addresses were blank. DSVA was rebooted again in a hope that it will get IP addresses properly but after the reboot it lost ALL settings, including the host name and no matter what I tried, configuration could not be saved.

Well, it is a good indication that the root partition was full.

  1. Open DSVA console, press ALT-F2;
  2. Login as dsva;
  3. Check the filesystems:
    dsva@(none):~$ suso su
    dsva@(none):~$ df -k

    As you can see, DSVA’s host name is (none) – it completely lost its config

  4. Check the size of the logs:
    cd /var/log
    ls -lah

    messages.1 and syslog.1 files are enormous!

  5. Delete syslog.1 and messages.1
    dsva@(none):/var/log# rm syslog.1
    dsva@(none):/var/log# rm messages.1

  6. Restart DSVA and reconfigure host name and IP address if needed;
  7. Re-Activate DSVA.

Another battle with Trend Micro Deep Security is won!

UPDATE: Trend Micro published this blog post on the Technical Support portal under Solution ID 1095482.  Thank you, it is an honour!

3 comments to Trend Micro DSVA error: dsvatool failed to config i/f (256)

  • Damian Corr

    Great article, i have this exact same issue but when I try to delete the logs (messages.1 and syslog.1) i get a permissions denied error.

    Do you need to stop some services first before the “rm syslog.1” can delete the files? If so do you know the commands etc?

    • Thank you.
      I checked a couple of DSVAs in my environment and none of them have syslog.1 or messages.1 files anymore. When you logged in as ‘dsva’, did you elevate your account to root by running “sudo su”? You should be able to delete syslog.1 and messages.1 files after that.
      Let me know if it helps.

  • Damian Corr

    Excellent! Thank you!

    sudo su did the trick! Don’t know why this didn’t work the first time I followed this article, but who cares its working now!

    Shame all my VM’s are still showing as offline though! Damn DSM!

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>