BugZero updated this defect 48 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
4/1/2024
vSAN
No affected releases provided.
No fixed releases provided.
If Advanced Encryption Standard-New Instructions(AES-NI) is not enabled in BIOS, vSAN Encryption (as well as virtual machine encryption) cannot use hardware acceleration to encrypt and decrypt data. Therefore, dramatic CPU utilization increases can be observed when encryption is enabled. The vSAN Health UI also detects and reports that AESNI is not enabled.
The purpose of this article is to enable AESNI to speedup encryption and decryption and reduce CPU and power usage when encryption is enabled.
If AESNI is not enabled in BIOS, the encryption library in ESXi kernel cannot use hardware acceleration to speedup encryption and decryption.
To workaround this issue, enters the BIOS menu when the host boots and enable AESNI.Note: By default, most modern machines have AESNI enabled. Some of the BIOS do have the options to enable AESNI. When such option is not available in BIOS, it usually means that AESNI is always enabled.