0

I have xenserver 7.x installed and recently had to replace the Nic. I was able to get the new Nic configured but the problem is the vm's are having trouble communicating with the internet.

On the windows vm I can hit sites like google.com and bing.com in the browser, but not cnn.com. For those sites it just spins forever or loads a white screen.

On one of ubuntu vm's if I do: curl -k https://cnn.com -vvv

I get:

About to connect() to cnn.com port 443 (#0)
  Trying 151.101.129.67...
Connected to cnn.com (151.101.129.67) port 443 (#0)
Initializing NSS with certpath: sql:/etc/pki/nssdb
Operation timed out after 300187 milliseconds with 0 out of 0 bytes received
Closing connection 0

All of the physical machines on the network are fine, so it's not a router or anything.

=== UPDATE ===

I never actually got this working. I ended up just installing Ubuntu on the Nuc and using docker containers instead of Xenserver + vm's.

Other people around the net who had similar issues all seemed to "resolve" this by reinstalling Xenserver. I didn't find anyone who actually fixed the problem.

jacklin
  • 109
  • 3
  • 2
    The last successful line has to do with NSS and PKI. CNN may be asking you for authentication, which is not being handled properly. Since access to ONE site from multiple VMs does not work, while several others do, the problem is with the handling of traffic from that site. I'd suggest packet sniffing, and examining the return traffic from that curl command. I suspect the issue has to do with certificates. – Jeter-work Aug 13 '18 at 12:29
  • We were kind of thinking maybe certs, but I'm not sure how to fix it if it is certs. Would you update the ca-bundle.crt? I saw that there are versions I can download from the curl website. – jacklin Aug 13 '18 at 12:39
  • Capture the packets, determine the root cause. Then research the solution. Packets don't lie, but ssuming what's in them can lead you down the wrong path. – Jeter-work Aug 13 '18 at 12:53

0 Answers0