VMware vSphere

 View Only

  • 1.  How to check if a port is open on a vCenter or PSC appliance

    Posted Feb 03, 2021 03:33 AM

    I recently upgraded an external PSC from 5.5 to 6.7 however I found that the NTP sources were not accessible and this was evident when I added the NTP sources to the Appliance Management interface, I got the error "<NPT_SOURCE_01> and <NTP_SOURCE_02> are not accessible". I asked the network team to open UDP port 123 from the PSC to the NTP sources which they completed, and I was able to add the NTP sources to the Appliance Management interface and the NTP sources came up with a green tick.

    Great!

    I then wanted to make sure the port was open from the CLI so I logged into the PSC and ran the following command:

    root@PSC01 [ ~ ]# nc -uv 172.0.0.225 123
    ^CExiting.
    root@PSC01 [ ~ ]#

    As you can see, the command failed.

    I then ran this command:

    root@PSC01 [ ~ ]# curl telnet://172.0.0.225:123
    curl: (7) Failed to connect to 172.0.0.225 port 123: Connection refused

    As you can see, this also failed.

    NTPQ works and shows a positive result:

    root@PSC01 [ ~ ]# ntpq -p
    remote refid st t when poll reach delay offset jitter
    ==============================================================================
    ADC03.my 172.0.0.80 2 u 20 64 377 0.372 -38.366 5.061
    ADC04.my 172.0.0.80 2 u 33 64 377 0.350 -58.323 14.223
    root@PSC01 [ ~ ]#

    So what command should I use to check the port is open as nc and curl don't give the right response?



  • 2.  RE: How to check if a port is open on a vCenter or PSC appliance

    Broadcom Employee
    Posted Feb 03, 2021 08:04 AM

    Hi  ,

    To check the port status, you can run 'netstat' or you can follow this blog by William --> https://www.virtuallyghetto.com/2017/07/quick-tip-list-all-open-ports-on-the-vcsa-psc.html 

    On the other hand, you can try restarting ntp services: 

    systemctl enable ntpd.service

    systemctl stop ntpd.service

    systemctl start ntpd.service

    Also refer --> https://kb.vmware.com/s/article/59729 

    Hope that helps



  • 3.  RE: How to check if a port is open on a vCenter or PSC appliance

    Posted Feb 03, 2021 11:07 PM

    Hi, thanks for your advice, but I do not want to check if a port is open on the appliance.

    I want to check FROM the appliance, if there is a connection to the NTP source IP via port 123. Like when doing a TELNET from Windows.

    I tried using nc & curl telnet:// from the vCenter appliance to see if the NTP port is open ON THE Windows Domain Controller, but in both cases the test fails, however in the VAMI GUI of the vCenter, it shows the Domain Controllers as reachable. (green tick).