Link to home
Start Free TrialLog in
Avatar of Michael Leonard
Michael LeonardFlag for United States of America

asked on

need assistace - vmware ESXi host - DNS issue

hello, our ESXi host has the wrong DNS information, I have updated this but the ESXi host and all guest VM's cannot connect to the internet.
I've tried rebooting the esxi host after the DNS server change, no luck.
is there a shell command I can run to reset DNS on the eSXi host and test DNS resolution.

please keep in mind I have to do this remotely and do not have console access to the ESXi host.

thx in advance.

S.
Avatar of Waddah Dahah
Waddah Dahah

Hi,

To Print the list of the DNS server currently configured on the ESXi server

~ # esxcli network ip dns server list
   DNSServers: 192.168.0.20

2.5 To Add a new DNS server to the end of the list of DNS servers to use for this ESXi host.                    

~ # esxcli network ip dns server add  -s 192.168.0.21
~ # esxcli network ip dns server list
   DNSServers: 192.168.0.20, 192.168.0.21

2.6 To Remove a DNS server from the list of DNS servers to use for  this ESXi host.

~ # esxcli network ip dns server remove -s 192.168.0.21
~ # esxcli network ip dns server list
   DNSServers: 192.168.0.20

For more command please visit http://www.vmwarearena.com/2013/03/esxi5-command-line-reference-networking.html

Regards,
Waddah
Avatar of Seth Simmons
if the esx host and guests don't have internet access, have you checked the gateway?  are vlans configured properly?
did this issue just start?  what changed (aside from esx dns config)? sounds like a straight-forward network configuration issue
Guest and Host DNS info is not related. This really looks like a network issue.  What kind of vSwitch and network mode (bridged, Host-only, ...) are you running the VMs with?
Is the reason you cannot connect to the internet, default gateway or DNS related ?

e.g. can you ping www.demon.net ?

can you ping 158.152.1.222

from Guest and Host ?
Avatar of Michael Leonard

ASKER

thanks for the feedback, how would I run esxcli when I don't have console access to the esxi host?

the ESXi host had an incorrect DNS server entry, I updated the IP in the GUI DNS config screen, but all guest still cannot connect to the internet, I know dns is working, I can run nslookup from any of the guests and resolve google.com etc
but when I try to telnet to say Microsoft.com on port 80 it fails to connect [or 443]


thx in advance.
telnetting to ports, not a real test, they could have firewall.

Hosts and Guest are different!

use

ping www.demon.net ?

ping 158.152.1.222 ?

and traceroute
Hi Siber,

you can use Putty client http://www.putty.org/ to connect via ssh to the host, SSH should be enabled on the host configuration otherwise you will not be able to connect remotely.

Regards,
Waddah
I can ping those IP addresses from the ESXi host,

however I cannot ping the hostname or the IP from any of the guest VM's.
ASKER CERTIFIED SOLUTION
Avatar of Andrew Hancock (VMware vExpert PRO / EE Fellow/British Beekeeper)
Andrew Hancock (VMware vExpert PRO / EE Fellow/British Beekeeper)
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
hi Andrew.
I can ping both the hostname and public IP address from the ESXi host.

all VM's have VMware tools installed and are using the VMXNET3 interface
[this was working fine up until a few days ago]

all VM's have network connected and connected to the same vSwitch as the host

I am using DHCP on the lan
yes the host and VM are on the same LAN

host and VM's can ping each other.

however, none of the guest VM's can get out to the internet, or ping even the public IP address of say 8.8.8.8

something is blocking all guest public communications.
Okay, so a tick in the box for VMware ESXi host, no issues here.

Please upload a screenshot of your vSwitch.

Can your VMs ping the default gateway, and DNS server, and DHCP server ?
Andrew, good point, I just tried and I cannot ping the default gateway from any of the guest VM's.

I can ping the default g/w fine from another ESXi host and all guest VM's [on the same internal network]

there is something within the config of this single ESXi host that is blocking connection to the gateway. [which would explain the public connectivity]
Please upload a screenshot of your vSwitch.

Can your VMs ping the default gateway, and DNS server, and DHCP server ?
Andrew,

I've located the source of the issue,
when I run a traceRT from any of the guest VM's to a public address on the internet. --  the first hop is not through the defined default gateway.   10.100.5.1
instead, its trying to route through a different address: 10.100.5.123 [a host on the network]

how can I clear this on the ESXi server and force the guest VM's to route through the default g/w?
Your DHCP Server is issuing the incorrect gateway!

or change the Default Gateway on the VM to 10.100.5.1. e.g. log into the VM, and change TCP/IP networking, like you would on a physical server!

The HOST has got nothing to do with the VM's Network Settings!
nope, that's not it. dhcp is issuing the correct gateway, in fact when I statically key in the IP info and the default g/w - same result.

something else is going on here.
please upload a screenshot of your networking on the host.

Also TCP/IP information from VMs.

Also TCP/IP information from Host for comparison.

So this is a default gateway issue in the VM ?

can the default gateway be pinged ?

and why does tracert go through a different IP Address, than default gateway ?
siber1,

give us a result (file) of this commands on one of VM:
ipconfig /all >>c:\vmnetcfg.txt
arp -a >>c:\vmnetcfg.txt

file will be saved in c:\vmnetcfg.txt

send it here please (if possible), if you can't copy it, just make us some screenshot the results that are inside the file.

this will give us some point what is current VM's config

I understand that correct gw for VM's should be: 10.100.5.1

also there is a simple possibility that Virtual Machine Network portgroup lost network adaper connectivity or adapter go to standby mode for some reason (cos of that Andy want a screenshot of your networking of the host), give us that commands result and host networking screenshot.

regards
NTShad0w
I've requested that this question be closed as follows:

Accepted answer: 0 points for siber1's comment #a40569594

for the following reason:

thanks. it turned out to be a local network filter device that was blocking traffic to the internal g/w

-S.
thx. ended up being a network device issue