VMware Cloud Community
sect0r
Contributor
Contributor
‎01-24-2010 12:56 PM

Move VM from internal ESX 3.5 to ESX 4 on DMZ

I'm having one heck of a time trying to get a VM migrated from my ESX 3.5 server to my ESX 4.0 server.

The caveat is that my ESX 4 server is in the DMZ.

I have a vCenter 4.0 VM running on the ESX 3.5 server. I also have an XP VM that I use for domain management. It has all of my tools on it including the vSphere 4.0 Client. Since its primary goal is domain management, I have it locked down pretty good (it's not even running the Server service).

I do not have any shared storage between the two ESX servers.

I have tried using the vSphere client to migrate the VM over but I get the error "Cannot connect to host" about 5 minutes into the transfer.

Last night I installed the latest vCenter Converter Standalone software on my management VM and after running for 10 hours and 24 minutes it was only 1% done with 33 days to go. The transfer rate was at 38 Kb/s.

I ran across a KB article that listed the firewall ports needed for vConverter which included the NetBIOS ports so I enabled the Server service on my management VM, deleted the files left behind on the ESX 4.0 server, and started the transfer again.

It's been running now for 70 minutes and the End Time column is still blank. I can see the files in the ESX 4.0 datastore so I know something is working. I've checked my internal/DMZ firewall logs and there aren't any blocked packets between either of the ESX hosts, my management VM, or the vCenter VM.

From all of the documentation I've read none of them address moving across firewall zones or moving from ESX 3.5 to 4.0 without relying on Converter or the migrate option in the vSphere client. I've read that using SCP was a bad idea and I haven't really come across any vmkfstools tutorials that are for my specific situation.

And as luck would have it my SnS contract expired 6 days ago.

Can anyone point me in the right direction? I am completely stuck here.

0 Kudos
4 Replies
mmathurakani
Enthusiast
Enthusiast
‎01-24-2010 01:46 PM

Hi,

There are some basic issues that i see in your setup:

1. firstly are u trying to do a vmotion/hot migration of the virtual machine from the ESX 3.5 to 4.0 box? If yes the following things are mandatory:

a.) You must have shared storage between the two esx hosts and the vm that is being migrated must reside on this shared storage.

b.)All the subnets and networks that are accessible from the source esx host , on which the vm is presently running, must be available from the destination esx server also. Make sure the dmz is not locking out any subnets.

2. secondly if the above needs are satisfied, we have the following thing to consider:

since you are getting an error that says not able to connnect to the host do the following:

check if the dmz is blocking out ports 8000 or 902 by running : telnet destinationESXserverIP 902 and telnet destinationIP 8000

also check if you can ping the server from source esx and double check if you are able to connect to above ports from source

Regards

0 Kudos
sect0r
Contributor
Contributor
‎01-24-2010 02:18 PM

Thank you for your quicky reply.

I do not have a license for vMotion so I'm limited to cold migrations.

My current firewall config looks like this:

vCenter VM -> ESX 4: all ports and protocols

Management VM -> ESX 4: all ports and protocols

ESX 4 -> vCenter VM: UDP 902

For testing purposes, and I meant to do this before, I have added the following firewall rules:

ESX 3.5 -> ESX 4: all ports and protocols

ESX 4 -> ESX 3.5: all ports and protocols

I will try migrating the VM again and will post my results.

Thank you again for your quick reply!

0 Kudos
sect0r
Contributor
Contributor
‎01-24-2010 03:21 PM

After allowing all ports and protocols between my two ESX servers I tried migrating the VM again.

Tried using VMware Converter from my management VM - no progress shown in GUI after 38 minutes so I cancelled it.

Tried migrating using vSphere client - same "Cannot connect to host" error.

What does this error mean? Which host is trying to connect to whom? ESX to ESX, vCenter to ESX, or vClient to ESX?

I do not have any listening processes on port 8000 on either ESX server. Should I? From what I can find online, port 8000 is for vMotion, which I don't have.

0 Kudos
mmathurakani
Enthusiast
Enthusiast
‎01-24-2010 04:44 PM

Are the service consoles of the two ESX hosts on the same subnet?

Since during the cold migration the two esx hosts have got to talk to each other you must ensure that the two service consoles are on the same subnet.

Once you have ensured this try to perform a coldmigration again if it still fails try following two links:

http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=1010837&sl...

http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=1005892&sl...

0 Kudos