The NSD_SEC_NODE_COMP_SYNC_FAILED message is reported into the system message file whenever one or more of the components of the network security process (NSD) fail to synchronize their state when nsd restarted on the secondary mode. This article documents an approach to troubleshoot this problem.
This message is generated by the network security process (nsd), which manages firewall configuration on routers running Junos Software with Enhanced Services. Enhanced services is currently only supported on J-series and SRX routers.
The problem related to this syslog message is described in the following sections:
The NSD_SEC_NODE_COMP_SYNC_FAILED message is logged each time one or more of the components of the nsd process fail to synchronize their state when nsd restarted on secondary mode.
When the NSD_SEC_NODE_COMP_SYNC_FAILED event occurs, a message similar to the following is reported:
NSD_SEC_NODE_COMP_SYNC_FAILED: One or more subcomponents could not sync their state on backup RE
The cause may be related to interprocess communications among the sub components of the nsd process, or due to a software issue within that process.
Examine the following output to help determine the cause of this message:
show log messages show log nsd_chk_only
Look for any related events that occurred at or just before the NSD_SEC_NODE_COMP_SYNC_FAILED message.
Perform these steps:
1. During a maintenance window, as it will impact transit traffic, try the following to restart the network security process:
- Disable the network security process with the following configuration change at the edit system processes hierarchy, set network-security disable and commit the change.
- Enable the network security process with the following configuration change at the edit system processes hierarchy, set network-security enable and commit the change.
2. If the synchronization failure messages continue, open a case with your technical support representative to investigate the issue further.