vSphere

I am trying to connect a vcenter which is hosted on ipv6 network through perl sdk but the connect.pl script could not make a connection to the vcenter.

I have also tried using the hostname of the server, it worked fine when the dns is mapped to ipv4 and it doesn't worked when the name is mapped to ipv6, Port 443 is listening on both ipv4/ipv6

i ve ensured that firewall is not blocking by telnet 443 using ipv6 and able to telnet.

I find a piece of code is commented in Common.pm for not accepting ipv6 address, though i uncommented that i could not connect through ipv6.

Have anyone faced the same issue and made it work?

please give some insight on this issue,Following is the error i get when i execute connect.pl

[root@vmx0850 playlists]# /usr/lib/vmware-vcli/apps/general/connect.pl --server [2001:1b70:82a7:1:1:1:1:200] --username root --password ****
Unsupported IP address format

/usr/lib/vmware-vcli/apps/general/connect.pl --server [2001:1b70:82a7:1:1:1:1:1%eth0] --username root --password ****

Error connecting to server at 'https://1/sdk/webService': Perhaps host is not a vCenter or ESX server

[root@vmx0850 playlists]# /usr/lib/vmware-vcli/apps/general/connect.pl --url https://[2001:1b70:82a7:1:1:1:1:200%eth0]:443/sdk --username root --password  ****

Unsupported IP address format

I have also specified a sperate config and used that, but still it behaves in the same way

[root@vmx0850 ~]# cat ~/vmsdk
VI_SERVER = 2001:1b70:82a7:1:1:1:1:1
##VI_SERVER = 1.1.1.1
VI_USERNAME = root
VI_PASSWORD = ****
VI_PROTOCOL = https
VI_PORTNUMBER = 443

[root@vmx0850 ~]# cat ~/vmsdk
VI_SERVER = 2001:1b70:82a7:1:1:1:1:1:1%eth0
VI_USERNAME = root
VI_PASSWORD = ****
VI_PROTOCOL = https
VI_PORTNUMBER = 443

The SDK is still parsing for IPv4, so no IPv6 support.  To get support, you'd probably have to use NET::INET6Glue + modify the core SDK modules.  Technically, I think IO::Socket::SSL (which is now favored by default in LWP over Crypt::SSLeay) does support it with recent versions, but again, the vSphere Perl SDK is setting up the initial query calls around IPv6. 

To make it work, it's like you'd have to patch the VICommon.pm, replace the IPv4 checks, and disable the fallback to Crypt::SSLeay that the current version of the Perl SDK uses for legacy purposes.  Then it may use the transparent hooks for IPv6 with IO::Socket::SSL (needs to be tested).

Hi stumpr,

Can you exactly say which piece of code to be modifieD...as i am  very new to perl could you give the exact changes..

Many thanks

Charles

Most of the functions would be in VICommon.pm.  You'll find several regexp in the module that parse the host portion of the URI as an IPv4 address.  There might other places to modify, bu that I think those are the core (assuming support for IPv6).  You may also need to pull out the hard-coded Crypt::SSLeay module imports to favor IO::Socket::SSL.  As others have pointed out, Crypt::SSLeay is more of a legacy play (it doesn't support robust certificate validation, so it's a possible weakness to Man-In-The-Middle).

Are you really limited to IPv6 for the vCenter connectivity?  Perhaps an Ipv6 proxy might be a solution?

Hi stumpr,

Actually the requirement is to support both ipv4/6 to connect esx/vcenter ,  and i have used PyVmomi to achieve..

Many thanks

Charles