Replication Synchronizations time out when using SSL Inspection in VMware Cloud Director Availability 4.x
Article ID: 315123
Updated On:
Products
VMware Cloud Director
Issue/Introduction
Symptoms:
- New replications fail to synchronize and you see a similar error:
Sync timeout for replication 'C4-########-####-####-####-############'.
- Existing replications fail to synchronize and experience RPO violations.
- When you attempt to perform a manual synchronization, the task becomes stuck at 20% on the VM level and 28% on the vApp level.
Environment
VMware Cloud Director Availability 4.x
Cause
This issue can occur when SSL inspection is enabled, resulting in a delay in cross-site traffic that causes replication tasks to time out.
Resolution
To determine if a site is potentially affected by this behavior, use the time curl command to confirm delay in requests between sites when using SSL traffic compared to non-encrypted traffic.
Example:
time curl -v -k https://PublicEndpointFQDN:443
time curl -v -k http://PublicEndpointFQDN:443
If there is a large difference in times between HTTPS and HTTP tests then it is possible SSL inspection is the cause of this behavior.
Example:
time curl -v -k https://PublicEndpointFQDN:443
time curl -v -k http://PublicEndpointFQDN:443
If there is a large difference in times between HTTPS and HTTP tests then it is possible SSL inspection is the cause of this behavior.
To resolve this issue, it is recommended to disable SSL inspection in your environment for VMware Cloud Director Availability traffic.
Feedback
Yes
No
Powered by
