vSphere

 View Only

  • 1.  Unbale to clone session ticket when IPv6 proxy server is used

    Posted Nov 24, 2023 11:42 AM
      |   view attached

    Hello,

    I am trying to add IPv6 and proxy server support in my plugin.

    I am facing a issue while cloning the session ticket via a IPv6 proxy server.

    My set up has:

    IPv6 vCenter Server

    IPv6 Proxy Server

    IPv6 Plugin appliance

     

    I am using below code:

    import requests
import json

url = "https://[2604:a140:1501:404:20c:29ff:fe8b:a9b9]/api/ui/vcenter/session/clone-ticket"

payload = {'vc_guid': '038dff91-fd40-40cd-bfe6-3092321da61b'}
headers = {
  'vmware-api-session-id': 'vmw-sid:[issuer:f8461db2-69e3-43a1-a0b2-adcdaeee6651,version:2,value:60c635dcbeef1c6d62cdcfd70d055c08e68a3981]',
  'Content-Type': 'application/json'
}

proxies = {
   'http': 'http://[2604:a140:1501:404::104]:3128',
   'https': 'http://[2604:a140:1501:404::104]:3128',
}

#proxies={}

response = requests.request("POST", url, headers=headers, data=json.dumps(payload), proxies=proxies, verify=False)

print(response.text)

     

    I am getting below response if I use proxy server in this communication:

    <!doctype html><html lang="en"><head><title>HTTP Status 400 – Bad Request</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 400 – Bad Request</h1></body></html>

    Not sure why this is happening? Does the API not support communication via IPv6 proxy server? I have verified this via IPv4 proxy server.

    Please let me know what I am doing wrong here.

    Attaching vsphere-ui logs from vCenter server.

     

     

     

    Attachment(s)

    zip
    vmware_case.zip   60 KB 1 version


  • 2.  RE: Unbale to clone session ticket when IPv6 proxy server is used

    Broadcom Employee
    Posted Nov 28, 2023 02:03 PM

    Hi,

    The clone-ticket API should work fine with an IPv6 environment.

    There is no information in the virgo log about the request. Seems like our controller was not reached at all.

    Can you check the logs of your proxy servers and the vCenter Server's proxy.

    vCenter Server proxy:

    location: /var/log/vmware/rhttpproxy/

    Enable debug logs (only if needed, since the logs will grow quite fast)
    Open the configuration file: /etc/vmware-rhttpproxy/config.xml
    Add or edit <level> xml element:
    <config>
       <log>
          <level>verbose</level>
       </log>
    </config>


    To allow more space for the logs it is preferable to add or edit <maxFileSize> and <maxFileNum> xml elements too:
    <config>
       <log>
          <maxFileSize>52428800</maxFileSize>
          <maxFileNum>20</maxFileNum>
       </log>
    </config>


    Restart the rhttpproxy service:
    #service-control --stop vmware-rhttpproxy
    #service-control --start vmware-rhttpproxy

    Confirm that rhttpproxy logs at verbose level. Open log file /var/log/vmware/rhttpproxy/rhttpproxy.log and check that verbose logs are present.

     

    Best Regards,

    Denis



  • 3.  RE: Unbale to clone session ticket when IPv6 proxy server is used

    Posted Dec 01, 2023 03:39 AM

    Hello  , thanks for the reply.

    I have enabled verbose level logging on the rhttpproxy, but did not see any update in the log messages after sending requests.

    I have verified that the request reaches the vCenter server from /vsphere-ui/logs/access/localhost_access_log.txt logs. It shows below log in the messages:

    127.0.0.1 2604:a140:1501:404::104 - - [30/Nov/2023:09:03:45 +0000] "POST /api/ui/vcenter/session/clone-ticket HTTP/1.1" 400 435 - - http-nio-127.0.0.1-5090-exec-11 1

     

    Note: I have changed IP of vCenter server to static IPv6 address 2604:a140:1501:404::106

    Also below logs are shown in the /vsphere-ui/logs/vsphere-ui-runtime.log.stderr after sending the request for cloning ticket:

    30-Nov-2023 09:03:45.693 INFO [http-nio-127.0.0.1-5090-exec-11] org.apache.coyote.AbstractProcessor.parseHost The host [[[2604:a140:1501:404::106]]] is not valid
    Note: further occurrences of request parsing errors will be logged at DEBUG level.
    java.lang.IllegalArgumentException: The character [[] is never valid in an IPv6 address.
    at org.apache.tomcat.util.http.parser.HttpParser.readHostIPv6(HttpParser.java:920)
    at org.apache.tomcat.util.http.parser.Host.parse(Host.java:66)
    at org.apache.tomcat.util.http.parser.Host.parse(Host.java:38)
    at org.apache.coyote.AbstractProcessor.parseHost(AbstractProcessor.java:301)
    at org.apache.coyote.http11.Http11Processor.prepareRequest(Http11Processor.java:1010)
    at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:595)
    at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63)
    at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:932)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1695)
    at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52)
    at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
    at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    at java.lang.Thread.run(Thread.java:750)

    If I just comment proxy settings in the code, everything works fine.

    I have verified that my proxy server is correctly forwarding the request:

    1701334608.211 10 2604:a140:1501:404::105 TCP_TUNNEL/200 2628 CONNECT [2604:a140:1501:404::106]:443 - HIER_DIRECT/2604:a140:1501:404::106 -
    1701334675.464 18 2604:a140:1501:404::105 TCP_TUNNEL/200 2628 CONNECT [2604:a140:1501:404::106]:443 - HIER_DIRECT/2604:a140:1501:404::106 -
    1701334723.038 7 2604:a140:1501:404::105 TCP_TUNNEL/200 2628 CONNECT [2604:a140:1501:404::106]:443 - HIER_DIRECT/2604:a140:1501:404::106 -
    1701334839.100 7 2604:a140:1501:404::105 TCP_TUNNEL/200 2628 CONNECT [2604:a140:1501:404::106]:443 - HIER_DIRECT/2604:a140:1501:404::106 -
    1701335025.685 7 2604:a140:1501:404::105 TCP_TUNNEL/200 2628 CONNECT [2604:a140:1501:404::106]:443 - HIER_DIRECT/2604:a140:1501:404::106 -
    1701335106.934 14 2604:a140:1501:404::105 TCP_TUNNEL/200 2628 CONNECT [2604:a140:1501:404::106]:443 - HIER_DIRECT/2604:a140:1501:404::106 -

    I have attached the latest logs with verbose enabled. Please let me know if you can find anything.



  • 4.  RE: Unbale to clone session ticket when IPv6 proxy server is used

    Posted Dec 01, 2023 03:45 AM
      |   view attached

    Latest log bundle.

    Attachment(s)

    zip
    vc-localhost-2023-11-30--09.09-107900.zip   26.55 MB 1 version


  • 5.  RE: Unbale to clone session ticket when IPv6 proxy server is used

    Broadcom Employee
    Posted Dec 01, 2023 11:29 AM

    Hi,

     

    Seems like the problem is this:

    org.apache.coyote.AbstractProcessor.parseHost The host [[[2604:a140:1501:404::106]]] is not valid

     and the reason is this:

    IllegalArgumentException: The character [[] is never valid in an IPv6 address.

    I was not able to find the exact root cause but I guess these are tomcat related specifics. Here is some useful info: https://serverfault.com/questions/659495/servername-with-ipv6-with-apache

    As this is not related to the vSphere Client SDK, I would suggest to ask in the general forum for more information.

     

    Best Regards,

    Denis