PCoIP not working due to bad config
Article ID: 345849
Updated On:
Products
VMware
Issue/Introduction
Symptoms:
- PCoIP not working as the re-write was giving the public IP
- Clients unable to access Horizon since PCoIP communication fails.
Cause
- When the xyz-Horizon Integration is configured using the guide, https://xyz.com/docs/22.1/deploy-xyz-for-load-balancing-uag-servers/, the traffic path is as follows: [Please note that xyz is referring to the organization's name)
- The client initiates a request to Horizon FQDN on L7 TLS port 443.
- Depending on the load balancing algorithm configured, 'xyz' picks a UAG server and sends a 307 Redirect to the client.
- The client sends a new request which is sent to the desired UAG server. Once the authentication is complete, the UAG responds with the IP/FQDN to be used for secondary protocols communication.
- NSX Advanced Load Balancer parses this response, replace the IP/FQDN and port XML tags with NSX Advanced Load Balancer FQDN and L4 Service port.
- This XML replacement is done by the content-rewrite rules associated with the VS.
- The issue is caused when these rules are modified or disorganized.
- They can get out of order due to multiple updates done on the VS configuration via CLI.
Resolution
- We need to ensure that the content rewrite rules are in order.
- If they are not, follow the steps below to fix them.
- Remove the rules from the VS.
[admin:1234]: > configure virtualservice <UAG-L7-VS-Name> [admin:1234]: > no content_rewrite [admin:1234]: > save
- Disable/enable the VS and then re-configured the content re-write policy as per the KB - https://xyz.com/docs/22.1/deploy-xyz-for-load-balancing-uag-servers/
- This is how it should look like
| content_rewrite | | | rewritable_content_ref | System-Rewritable-Content-Types | | rsp_rewrite_rules[1] | | | name | System-Standard-Horizon | | enable | True | | index | 1 | | pairs[1] | | | search_string | | | type | SEARCH_REGEX | | val | (<address>)[\s]*(?:[0-9]{1,3}\.){3}[0-9]{1,3}[\s]*(</address>) | | replacement_string | | | type | COMBINATION_STRING | | val | ${1}${vs_ip}${2} | | pairs[2] | | | search_string | | | type | SEARCH_REGEX | | val | (<address>).+?(</address>) | | replacement_string | | | type | COMBINATION_STRING | | val | ${1}${uag_fqdn}${2} | | pairs[3] | | | search_string | | | type | SEARCH_REGEX | | val | (<port>)[\s]*8443[\s]*(</port>) | | replacement_string | | | type | COMBINATION_STRING | | val | ${1}${horizon_blast_port}${2} | | pairs[4] | | | search_string | | | type | SEARCH_REGEX | | val | (<port>)[\s]*4172[\s]*(</port>) | | replacement_string | | | type | COMBINATION_STRING | | val | ${1}${horizon_pcoip_port}${2} | | pairs[5] | | | search_string | | | type | SEARCH_REGEX | | val | (<server1>)[\s]*(?:https://)?[\w\.-]*:443[\s]*(</server1>) | | replacement_string | | | type | COMBINATION_STRING | | val | ${1}https://${uag_fqdn}:${horizon_l7_port}${2} |
- Remove the rules from the VS.
Feedback
Yes
No
Powered by
