VMware Cloud Community
DCYun
Contributor
Contributor
‎01-12-2024 01:12 AM

esxi hosts registered in vcenter are temporarily disconnected and then reconnected

Hello. Everyone.

I'd to inquire about the following issue.

.
There are two networks:
Call one 'Network #A' and the other 'Network #B'.
> There are two firewalls between 'Network #A' and 'Network #B'.
> Network Diagram : vCenter & 'ESXi #A' - 'Firewall #A' - 'Firewall #B' - 'ESXi #B'

 

.

The vCenter is on the 'ESXi #A' on the 'Network #A'.  (There is no problem with 'ESXi #A' on the 'Network #A'.)

However, when connect to vCenter (from 'Network #A'), 'ESXi #B' on 'Network #B' is temporarily disconnected.
Because of this, if open a VM with VMRC, it will be controlled for a while, but will freeze if the 'ESXi #B' connection is lost.

 

.

There are two firewalls between 'Network #A' and 'Network #B'.
There are no deny logs for the two firewalls  between vCenter or 'ESXi #A' and 'ESXi #B'.

.

What should be considered and checked in cases like this?
- If I log in to 'ESXi #B' from 'Network #A' and run VMRC, there is no interruption (no freezing).
- When I log in to vCenter ('ESXi #A') on 'Network #A' and run VMRC, it hangs.

 

Best Regards,

0 Kudos
1 Reply
srodenburg
Expert
Expert
‎01-12-2024 04:07 AM

The Heartbeat between vCenter and the ESXi Server is not going through the firewall. ESXi hosts send UDP heartbeats to vCenter (destination port 902) every 10 seconds. By default, if vCenter doesn’t see one of these heartbeats in 60 seconds the host goes into a Not Responding/Disconnected state

You need UDP 902 (Heartbeat) between the them. Also open TCP 902 (NFC).

I think you need to check your firewall ports in general. Here are the port requirements:  https://kb.vmware.com/s/article/2039095