Author Topic: VMware ESXi, be2net driver stripping HTTP headers on Sophos/ASA (IBM HS23)  (Read 3087 times)

netfreak

  • Administrator
  • Sr. Member

  • Offline
  • *****
  • 299
    • View Profile
    • Higher Intellect
Here's an interesting problem... If you have a VM behind a Sophos UTM (or other firewall such as ASA) on a VMware ESXi 6.x host using be2net Emulex driver but you get an error 400 (bad request) when trying to browse external sites, the be2net driver itself might be somehow stripping the HTTP headers. We logged this invalid request:

xx.xx.xx.xx - - [31/Dec/2018:16:49:49 -0800] "\x00\x00\x00\x00\x00\x00" 400 166 "-" "-"

This was the case with the following driver configuration:

driver: be2net
version: 10.2.254.0
firmware-version: 10.2.261.36

A solution was to revert back to the elxnet driver. We ran into issues on this driver in the past which led us to enabling be2net originally (ESXi 5.5 and IBM OEM image). So if you're running into this issue under ESXi 6.x with the IBM/Lenovo OEM image on an HS23 blade, do this:

esxcli system module set --enabled=false --module=be2net
esxcli system module set --enabled=true --module=elxnet

Reboot your host and re-test.