ESXi network troubleshooting

I'm having networking issues with my new ESXi 5.1 host. I'm pretty sure it's a setting that I missed. I'm getting no ping replies when I'm trying to ping the management or the vMotion vmnic. However, vCenter can communicate with that host just fine, and the other vSwitch handling NFS traffic, I can ping that VMkernel just fine.

Since I can configure only a single gateway address for an ESXi host, I set it to 10.0.128.61/27.
As mentioned I can ping the NFS (VLAN 1002) VMkernel (vSwitch1) just fine whose IP is 10.0.128.40.

However, I cannot ping the vMotion (VLAN 1001) VMkernel with IP: 10.0.128.20/29. I also cannot ping the management (VLAN 1000) VMkernel with IP: 10.0.128.4/29.

However, if I change the default gateway to let's say 10.0.128.6, then all of a sudden I can ping the management VMkernel, but no longer the NFS VMkernel.

On all my other ESXi hosts, I can ping all VMkernels on that host, even though all of them have their default gateways setup as 10.0.128.61.

What do I need to do to be able to ping all of the VMkernels on this new ESXi 5.1 host?
LVL 8
pzozulkaAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
you are carrying out these tests on the console of the ESXi 5.1 host?

Can you upload a screenshot of your networking?
pzozulkaAuthor Commented:
I tried pinging from the console using vmkping -I vmk# ip_addr as well as trying to ping the various VMkernel IPs from my workstation.
Networking
pzozulkaAuthor Commented:
Any thoughts on this?

From my workstation I can ping all my other ESXi hosts, and each one of their individual vmkernel IPs. On this new host, I can only ping a single vmkernel IP (the one that's on the same subnet as the default gateway).

I don't think it has anything to do with the phsycal network because the VMkernels I'm trying to ping -- are on the same subnet as the VMkernels on the other ESXi hosts. Since I can reach those VMkernels, I should be able to reach this one as well.
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
If when pinging the management network or vMotion interface you get no reply, that's likely because the gateway defined for Management Network or vMotion Interface is incorrect.

I'm assuming that vCenter Server is on the same network as Management Network/vMotion Interface network, and hence that's why no communication issues between the two, because traffic does not need to route to the ESXi host.

We would normally configure the Default Gateway for the ESXi host to be the Default Gateway on the Management Network.

what is also odd, is you have different VLANs, but carrying the same IP Address range?

1001, 1000, 1002 - 10.0.128.20, 10.0.128,4, 10.0.128.40

normally different IP Addresses are assigned to different VLANs.

If this is working for you on different hosts, I would compare configurations of ESXi networking, and also physical switch port configurations.
pzozulkaAuthor Commented:
vSwitch 0 is setup for vMotion VMkernel and Management VMkernel. vSwitch 1 is setup for NFS VMkernel. The default gateway is defined on the same subnet as NFS VMkernel.

Our VLANs are:
1001: 10.0.128.21/29
1000: 10.0.128.5/29
1002: 10.0.128.61/27

As you can see they are not carrying the same IP Address range.

Having said that, let me ask you this question.

If you have a VMware environement that you can test, are you able to ping all of your VMkernels from your workstation? And is your workstation on the same or different subnet?

I'm wondering if maybe this is the default behavior, that you're not suppose to be able to ping all of your VMkernels. Because VMware does recommend to separate Management, vMotion, and Storage traffic.
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
No we cannot ping our vmkernel port groups because they exist on a secure storage network.

Workstations on completely network range.

Storage network 10.10.x.x private
Workstations 150.xxx.xxx.xxx

That is correct to isolate networkd

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
pzozulkaAuthor Commented:
Change to ICMP ping response behavior in ESXi 5.1. Found KB article causing issue.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VMware

From novice to tech pro — start learning today.