VMware Cloud Community
Petkoii0
Contributor
Contributor
‎12-11-2018 02:41 AM

What are the network requirements for content library sync?

Author : Martina Laleva

URL : http:////docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vsphere.vm_admin.doc/GUID-AE80A15F-E222-47...

Topic Name : Synchronize a Subscribed Content Library

Publication Name : vSphere Virtual Machine Administration

Product/Version : VMware vSphere/6.7

Question :

Dear VMWare support. We are trying to sync a VMWare vCenter from one vlan with a VMWare vCenter in another.   The templates are listed on the destination library, but when we try to sync them the following errors occurs:   Task Details:    Status: A general system error occurred: Start Time: Dec 11, 2018 9:37:48 AM Completed Time: Dec 11, 2018 9:38:34 AM State: error  Error Stack:      Error transferring file suse-15.0-1.vmdk from https://10.227.88.18/cls/vcsp/lib/474d8dfd-6605-43d2-a072-e0f90a509122/f82a9b9f-8237-4f8f-86c9-745ae.... Reason: Error transferring file from https://10.227.88.18/cls/vcsp/lib/474d8dfd-6605-43d2-a072-e0f90a509122/f82a9b9f-8237-4f8f-86c9-745ae... Network is unreachable (connect failed)  Additional Task Details:    VC Build: 7515524 Error Type: SystemError Task Id: Task Cancelable: true Canceled: false Description Id: com.vmware.content.LibraryItem.Sync Event Chain Id: 15560  Could you please help us narrow down the problem, and provide the steps that should be implemented in order to sync the 2 libraries ?   Thanks a lot in advance.

0 Kudos
5 Replies
peetz
Leadership
Leadership
‎12-11-2018 03:30 AM

Hello and welcome to the forums,

the error message suggests that the target vCenter cannot connect to the source vCenter server.

Can you check the network settings and try if the two machines can ping each other?

Andreas

Twitter: @VFrontDe, @ESXiPatches | https://esxi-patches.v-front.de | https://vibsdepot.v-front.de
0 Kudos
Petkoii0
Contributor
Contributor
‎12-11-2018 03:48 AM

Hello Andreas,

Thanks a lot for the reply. There is ping between the source and the destination vCenters. So port 443 is opened as well. More details are listed below.

Please let me know, if you need more details.

Source vCenter

vCenter VPN IP: 10.227.88.18

Destination vCenter

vCenter VPN IP : 10.217.91.253

There are no network restrictions between the 2 vCenters.

Confirmation for that is that the

Destination vCenter -> Source vCenter

admin@photon-machine [ ~ ]$ ping 10.227.88.18

PING 10.227.88.18 (10.227.88.18) 56(84) bytes of data.

64 bytes from 10.227.88.18: icmp_seq=1 ttl=127 time=188 ms

64 bytes from 10.227.88.18: icmp_seq=2 ttl=127 time=191 ms

64 bytes from 10.227.88.18: icmp_seq=3 ttl=127 time=187 ms

64 bytes from 10.227.88.18: icmp_seq=4 ttl=127 time=187 ms

64 bytes from 10.227.88.18: icmp_seq=5 ttl=127 time=187 ms

64 bytes from 10.227.88.18: icmp_seq=6 ttl=127 time=226 ms

--- 10.227.88.18 ping statistics ---

6 packets transmitted, 6 received, 0% packet loss, time 5006ms

rtt min/avg/max/mdev = 187.142/194.753/226.003/14.051 ms

admin@photon-machine [ ~ ]$ ifconfig

eth0      Link encap:Ethernet  HWaddr 52:51:ed:52:d4:1f

          inet addr:10.217.91.253 Bcast:10.217.91.255 Mask:255.255.252.0

          UP BROADCAST RUNNING MULTICAST  MTU:1500 Metric:1

          RX packets:6946649 errors:0 dropped:330 overruns:0 frame:0

          TX packets:6696227 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000

          RX bytes:9468729698 (9.4 GB)  TX bytes:1141783962 (1.1 GB)

admin@photon-machine [ ~ ]$ curl -v telnet://10.227.88.18:443

* Rebuilt URL to: telnet://10.227.88.18:443/

*   Trying 10.227.88.18...

* Connected to 10.227.88.18 (10.227.88.18) port 443 (#0)

Source vCenter -> Destination:

C:\Users\Administrator>ping 10.217.91.253

Pinging 10.217.91.253 with 32 bytes of data:

Reply from 10.217.91.253: bytes=32 time=187ms TTL=63

Reply from 10.217.91.253: bytes=32 time=193ms TTL=63

Reply from 10.217.91.253: bytes=32 time=195ms TTL=63

Reply from 10.217.91.253: bytes=32 time=188ms TTL=63

Ethernet adapter Ethernet 2:

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : TAP-Windows Adapter V9

   Physical Address. . . . . . . . . : 00-FF-62-40-F3-4B

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

   Link-local IPv6 Address . . . . . : fe80::1de9:84ab:db5c:f559%7(Preferred)

   IPv4 Address. . . . . . . . . . . : 10.227.88.18(Preferred)

   Subnet Mask . . . . . . . . . . . : 255.255.255.252

   Lease Obtained. . . . . . . . . . : Monday, December 10, 2018 11:20:43 PM

   Lease Expires . . . . . . . . . . : Tuesday, December 10, 2019 11:20:43 PM

   Default Gateway . . . . . . . . . :

   DHCP Server . . . . . . . . . . . : 10.227.88.17

   DHCPv6 IAID . . . . . . . . . . . : 33619810

   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-23-68-D4-C4-00-15-5D-85-01-0A

   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1

fec0:0:0:ffff::2%1

fec0:0:0:ffff::3%1

   NetBIOS over Tcpip. . . . . . . . : Enabled

PS C:\Users\Administrator> Test-NetConnection -ComputerName 10.217.91.253 -Port 443

ComputerName     : 10.217.91.253

RemoteAddress    : 10.217.91.253

RemotePort       : 443

InterfaceAlias   : Ethernet 2

SourceAddress    : 10.227.88.18

TcpTestSucceeded : True

0 Kudos
peetz
Leadership
Leadership
‎12-11-2018 04:31 AM

You need to further explain your networking setup. It looks very much "non standard" 🙂

I see "VPN" there, and I see that you are using OpenVPN on the Windows source vCenter server.

I guess that server has a different IP when OpenVPN is not active, and vCenter might try to use that original IP for communication.

Twitter: @VFrontDe, @ESXiPatches | https://esxi-patches.v-front.de | https://vibsdepot.v-front.de
0 Kudos
Petkoii0
Contributor
Contributor
‎12-11-2018 07:33 AM

Hey Andreas, this is indeed the situation. The vCenter was deployed, before installing OpenVPN, which is used to access the destination vCenter. Further more we tried to sync a test content library from the Destination vCenter with the source, it worked perfectly fine and confirms the suggestion that the source vCenter is trying to use its original IP, instead the VPN's.

Is it possible to fix that, or we need to build a new vCenter ? 

0 Kudos
peetz
Leadership
Leadership
‎12-12-2018 12:30 AM

You can try to change the "vCenter Managed IP address" as per VMware Knowledge Base

However, the vCenter server will then probably lose the ability to talk to the ESXi hosts that it manages. The same situation will occur when you re-install vCenter using the VPN IP.

I guess it is not a good idea to run the VPN client on the vCenter server, and for sure it is completely unsupported.

Instead you should use another server (e.g. a VPN appliance) to do the VPN connection and route any access to the remote vCenter through this server (by adding static routes on the source vCenter server).

Twitter: @VFrontDe, @ESXiPatches | https://esxi-patches.v-front.de | https://vibsdepot.v-front.de
0 Kudos