Understanding Aria Operations for Networks connections to Telemetry and registration servers
Article ID: 389886
Updated On:
Products
Issue/Introduction
This article explains why Aria Operations for Networks connects to 52.#.#.101 and 35.#.#.139.
These are internal IPs within the product code
Environment
Aria Operations for Networks 6.12.0
Aria Operations for Networks 6.12.1
Aria Operations for Networks 6.13.0
Aria Operations for Networks 6.14.0
Aria Operations for Networks 6.14.1
Resolution
VMware Aria Operations for Networks supports remote home calling feature that requires Internet access.
This feature or services allow the VMware Aria Operations for Networks team to gain a better understanding of customer environments and proactively troubleshoot or repair issues.
The following services need Internet access:
1. Auto Update Service (svc.ni.vmware.com:443 // 35.#.#.139:443 ): VMware Aria Operations for Networks uses this service to contact the remote upgrade host and pull in newly released bits as it become available, and the user gets a UI notification when the updates are available.
2. This service is enabled by default, but you can deactivate this service through UI or using online-upgrade command through CLI.
3. Registration Service (reg.ni.vmware.com:443 // 52.#.#.101:443): For registering the appliance with all external services.
4. It will enable trusted communication between above mentioned services. When setup has access to internet, registration happens automatically.
5. In an isolated environment it can be done using "offline-registration" CLI (Please refer to Aria Operations for Networks CLI documentation for more details). It is required for enabling Support Tunnel.
To check if these services are configured, connect to the appliance(s) with the user consoleuser and run the command show-connectivity-status
1. If they are enabled or in failed status, the communication to these domains/IPs will happen.
2. To disable these traffic, run the following commands:
telemetry disable
online-upgrade disable
3. Then re-run show-connectivity-status to confirm the services are disabled.
Note:
There is no functional impact by disabling these services.
Post disabling the services, you may go ahead and block the IP address if needed.
These Services and servers were hosts on SaaS/AWS .
SaaS has seen sunset and then these services and server mentioned below today do not exists for Platform and collector appliances
When Executing below command on the appliances you will see either the service is disabled or Failed
cat build-target/deployment/appliance.status
Upgrade connectivity status (svc.ni.vmware.com:443): Disabled
Support connectivity status (support2.ni.vmware.com:443): Failed
Performance Telemetry connectivity status (svc.ni.vmware.com:443): Disabled
Registration connectivity status (reg.ni.vmware.com:443): Failed
Additional Information
Feedback
