VMware Cloud Community
hugovg
Contributor

Reconnecting a 6.0 host to vCenter with running VMs & vDS after duplicate DNS record

We have an ESXi 6.0 host that's got disconnected from its 6.0 vCenter, and we need to _safely_ reconnect it, as it has many running VMs on it. The error message is:


     Cannot synchronize host xxxxxxxx. Disconnected from host. Reason: Cannot verify the SSL thumbprint.

We believe it became disconnected after an A-record was added to our DNS server with the same name as the host but with a different IP address. The record duplicate has been removed, but the host is still disconnected.
I am concerned that when we manually reconnect the host, the distributed networking may be disrupted and the running VMs will lose connectivity. I have read many articles that highlight issues with losing vDS configuration when removing or adding a host to a vCenter.

VMware article "Reconnecting Hosts After Changes to the vCenter Server SSL Certificate" suggests the host should simply be re-connected, but it does not mention what happens to running VMs & use of vDS.
Perhaps there is another way we can have the host and vCenter communicate again easily? As mentioned, the duplicate A-Record no longer exists, and in theory, it should be ok.

The host is in a cluster, but there is no DRS/HA etc. enabled. Hosts are all added to vCenter using their FQDN.


Thank you for any help.

0 Kudos
5 Replies
KocPawel
Hot Shot

You can reconnect the host. Your VMs shouldn't lose any network connectivity.

0 Kudos
NathanosBlightc
Commander

First of all, you should know that reconnecting or even disconnecting the host does not affect VM operation or network connectivity.

Because you have a cluster without any special HA & DRS configuration and they are disabled, you can reconnect the host to the cluster without any concern.

But regarding the vSphere Distributed Switch (VDS), you should be a little careful. If you disconnect the host, the VMs are still connected to the appropriate dvPortGroup, but you may not be able to see the network label in the VM settings, or if you change it, you may encounter some issues. Anyway, depending on the VDS settings, if you disconnect and connect the host again after a while, the port numbers may have changed.

Please mark my comment as the Correct Answer if this solution resolved your problem
0 Kudos
hugovg
Contributor

Thank you, that is good to know!

0 Kudos
hugovg
Contributor

Thank you, I am not sure if a vDS port# change could momentarily interrupt traffic, but just in case, we will wait till out of business hours today as we have some important VMs running on that host.

0 Kudos
hugovg
Contributor

Just FYI if anyone has this same issue.

The host re-connected all ok. This time it didn’t kick off the wizard that’s normally only presented when adding a new host to the inventory (it did that on Fri, which is why I stopped); this time it just re-connected, perhaps because its DNS cache cleared & had the (correct) single A-record back. So perhaps if the host's and/or the vCSA's DNS cache had been flushed after I fixed the duplicate A-record, it would have reconnected just fine then.

0 Kudos
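
The two conditions this thread turns on, a host name that resolves to exactly one address and a certificate thumbprint that matches the one on record, can be checked before retrying the reconnect. The following is an added example, not part of the thread or any VMware tooling. It assumes the thumbprint is the SHA-1 of the host certificate in colon-separated hex, recorded out of band, and all function names are hypothetical.

```python
import hashlib
import socket
import ssl

def resolve_ipv4(fqdn):
    """All IPv4 addresses the local resolver (and its cache) returns for fqdn."""
    infos = socket.getaddrinfo(fqdn, 443, socket.AF_INET, socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})

def fetch_der_cert(address, port=443, timeout=5.0):
    """Certificate presented at address. Chain validation is off because the
    thumbprint comparison is the trust decision (host certs may be self-signed)."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((address, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock) as tls:
            return tls.getpeercert(binary_form=True)

def sha1_thumbprint(der_cert):
    """SHA-1 over the DER bytes as colon-separated upper-case hex (assumed format)."""
    digest = hashlib.sha1(der_cert).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))

def precheck(addresses, expected_ip, der_cert, expected_thumbprint):
    """Return a list of problems; an empty list means name and certificate agree."""
    problems = []
    if len(addresses) != 1:
        problems.append("name resolves to %d addresses: %s" % (len(addresses), addresses))
    elif addresses[0] != expected_ip:
        problems.append("name resolves to %s, expected %s" % (addresses[0], expected_ip))
    seen = sha1_thumbprint(der_cert)
    if seen != expected_thumbprint.strip().upper():
        problems.append("thumbprint %s does not match the recorded one" % seen)
    return problems

def check_host(fqdn, expected_ip, expected_thumbprint):
    """Live check: resolve the name, then read the certificate at the known-good IP."""
    return precheck(resolve_ipv4(fqdn), expected_ip,
                    fetch_der_cert(expected_ip), expected_thumbprint)

if __name__ == "__main__":
    # Constructed sample: documentation-range IPs; b"abc" stands in for DER bytes.
    good = "A9:99:3E:36:47:06:81:6A:BA:3E:25:71:78:50:C2:6C:9C:D0:D8:9D"
    print(precheck(["192.0.2.10"], "192.0.2.10", b"abc", good))                # no problems
    print(precheck(["192.0.2.10", "192.0.2.99"], "192.0.2.10", b"abc", good))  # duplicate A record
```

Run `check_host` from the machine whose resolver matters (the vCenter side), since a stale cache there is what the last post suspects.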