VYATTA Router VM on VMware Workstation 7 VNET and intermittent connectivity issues

Posted on 2010-11-16
Last Modified: 2012-05-10
Helloooo experts....

Ok so this is my situation...

I am running a LAB VMware Workstation 7 on my laptop with the following config...

(1) Vyatta Virtual router with (3) interfaces
  eth0= - Bridged
  eth1= - Bridged
  eth2= - Bridged

(2) OpenFiler Virtual SANs with (2) interfaces each.

  eth0= - Bridged
  eth1= - Bridged
  GW= eth0

  eth0= - Bridged
  eth1= - Bridged
  GW= eth0

Local host:


Internet router
  Static routes: > Metric 1 > Metric 1


 Lab diagram
Now this is my issue... While routing works... I am getting intermittent connectivity to the router and the nodes behind it.

I have tried updating the Vyatta router. I had RIP enabled, which is now disabled but i cant get my head around what the problem is.

At one point i had the filers on a private LAN but i want to be able to serve them out to real machines so that wont work for me.

Not being an expert in VMware Workstation, I am wondering what i could be doing wrong here.
ICMP is intermittently dropping packets from my workstation to the filer and router interfaces.

It is oddly algorithmic actually.

See below:
 Ping from workstation to router
Now i don't know if setting all of my hosts to bridge mode is supported so it could be that i am completely screwing the pooch.. But theoretically it seems like it should work.

I have been having a tough time getting help here recently. Not sure if i am in the right place but i figured i would give it a shot.

Any assistance would be greatly appreciated.


Question by:pacman_d
  • 4
  • 2

Author Comment

ID: 34152590
One more thing...

Interestingly enough.. I can Ping any FQDN from the VYATTA virtual machine without interruption.
So this issue seems to be relegated to requests coming from my workstation to the VMs.

Thanks again.
LVL 28

Expert Comment

ID: 34155418
I would change the setup where instead of bridging all connections to your physical NIC, only bridge the interface on Vyatta. Use host-only networking for the other two network. You should already have a host-only network on vmnet1, use that for your 10.10.4.x network. Use Manage Virtual Networks to create another host-only network on vmnet2 and use that for the network.

One question - what are you using the Openfiler to serve? If a VMware software (or dependent hardware) adapter is to be the consumer of your storage be aware that iSCSI storage (and I think NFS storage) has to reside on the same IP subnet as the VMkernel port configured to access it - not sure about other systems. In that case your storage won't work on a routed network. You might want to check your iSCSI client and make sure it will work over a routed network.

Good Luck

Author Comment

ID: 34166541
Hey BG,

Appreciate you jumping in here. I have configured as you have suggested but this is the thing.

Nodes outside of my laptop cannot hit the Filer nodes.

My original thinking was that if i had everything bridged, that it would be just like a switch and the router would simply manage the connectivity to the nodes.

The filer 10.4.x and 10.5.x interfaces would be in a single broadcast space so i figure, no issue there.
Its really just i want to route in and out of the router interface to the other internal subnets.

I will be using a VM to test the iSCSI and NAS share connectivity and it will be on the 10.10.4.x subnet so no worries there.

But this lab for me is also to test vyatta routing, and one of my goals is to set up routing so that i can manage from other machines. 3.x

I am not as familiar with workstation as I should be It could very well be that i simply do not understand the way the Vswitch and routing work in VMware workstation.

But my thinking was that if i had a (3) interface Virtual router set up with (1) 3.x) bonded to my bridge interface (as you suggested) and interfaces (4.x -5.x) bonded to "host only" , that it would route ok.

The the filer gateways are pointed to the vyatta router on 4.5 eth0 (as to have only (1) gateway for the node not confuse them.

Am i just going about this all wrong? Is it reasonable to have this type of configuration on workstation?

I think i am close, My time has been tight the last couple of days so i will try to respond and act quickly.

What are your thoughts?



New My Cloud Pro Series - organize everything!

With space to keep virtually everything, the My Cloud Pro Series offers your team the network storage to edit, save and share production files from anywhere with an internet connection. Compatible with both Mac and PC, you're able to protect your content regardless of OS.

LVL 28

Accepted Solution

bgoering earned 500 total points
ID: 34168899
For other nodes to access your internal host-only networks, you will have to have routes configured somewhere so that they can find them. One way to do that is if you are using RIP, OSPF, or some other routing protocol on you network - you can enable the routing protocol to vyatta and let it advertise the new and networks so that other machines can find them through the gateway. You could also use static routes to accomplish that purpose - if your internal corporate LAN only has a couple of routers that may be easier.

The trick is to have the routing in place so other machines can find your filers, and make sure you have a default gateway set on the vyatta so that if you clients are further away than your network, the filers can find their way back to them. If your clients are on the network, then instead of modifying your router configuration you can simply add some static routes on the client to find the filers.

Author Comment

ID: 34169700
Hey BG,

Originally I had OSPF enabled. Then RIP.... Routing was working but the challenge was the odd intermittent drops in ICMP and general connectivity.

I will try again and get back to you.



Author Comment

ID: 34181969
Hey BG,

Ok so I made the changes and routing across all of my internal subnets are good to go.

I was still having a problem with my 4.x and 5.x  subnets routing all the way out past my WAN interface on my internet router but got that figured out.

With these Fios routers you not only need to add the routes back to the indirect subnets, you apparently need to bind to the connection additional IPs for these subnets (in my case 10.10.4 and 5.x respectively for the router FW to allow the return traffic to these next hop subnets.

Your basic analysis was right on point so thanks!

I am all good with full routing and resolution for all of my nodes.



Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
This Micro Tutorial steps you through the configuration steps to configure your ESXi host Management Network settings and test the management network, ensure the host is recognized by the DNS Server, configure a new password, and the troubleshooting…
This Micro Tutorial walks you through using a remote console to access a server and install ESXi 5.1. This example is showing remote access and installation using a Dell server. The hypervisor is the very first component of your virtual infrastructu…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now