Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Single IP address not reachable - ping response from local machine

Posted on 2014-03-21
11
Medium Priority
?
3,581 Views
Last Modified: 2014-03-29
I have an unusual issue in that I have a Windows 7 Hyper-V virtual machine (IP address 10.0.1.10) and when I ping from that machine to one particular external IP address on the Internet the ping response replies successful from 10.0.1.10. Tracert returns with only the single response from the local machine. If I use tracert for addresses either side then it behaves as expected.

example tracert response - (the target addresses are obscured for obvious reasons but the xx.xx.2.130 address is real and can be pinged successfully from the firewall)

C:\Users\administrator>tracert xx.xx.2.130

Tracing route to xxxxx [xx.xx.2.130]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  NSO-VPBX.my-network.local [10.0.1.10]

Trace complete.

C:\Users\administrator>tracert xx.xx.2.129

Tracing route to vlan210-coresw-02.thn.as42004.net [xx.xx.2.129]
over a maximum of 30 hops:

  1     1 ms    <1 ms     1 ms  nso-fwl.my-network.local [10.0.1.254]
  2     4 ms     4 ms     4 ms  host-62-24-233-186.as13285.net [62.24.233.186]
  3     5 ms     5 ms     5 ms  host-78-151-238-17.as13285.net [78.151.238.17]
  4     6 ms     5 ms     6 ms  host-78-151-238-12.as13285.net [78.151.238.12]
  5     6 ms     6 ms     5 ms  host-78-144-9-169.as13285.net [78.144.9.169]
  6     6 ms     6 ms     5 ms  host-78-144-10-62.as13285.net [78.144.10.62]
  7     6 ms     6 ms     6 ms  linx-01.thn.as42004.net [195.66.224.45]
  8     *        *        *     Request timed out.
  9  ^C
C:\Users\administrator>tracert xx.xx.2.131

Tracing route to div1.my-target.net [xx.xx.2.131]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  nso-fwl.my-network.local [10.0.1.254]
  2     4 ms     4 ms     4 ms  host-62-24-233-186.as13285.net [62.24.233.186]
  3     5 ms     5 ms     7 ms  host-78-151-238-53.as13285.net [78.151.238.53]
  4    23 ms     5 ms     6 ms  host-78-151-238-20.as13285.net [78.151.238.20]
  5     6 ms     6 ms     6 ms  host-78-144-9-167.as13285.net [78.144.9.167]
  6     6 ms     6 ms     6 ms  host-78-144-10-66.as13285.net [78.144.10.66]
  7     6 ms     6 ms     6 ms  linx-01.thn.as42004.net [195.66.224.45]
  8     *     ^C
C:\Users\administrator>

Also, tracert to the same address on the Hyper-V host behaves the same in that it returns immediate success from 10.0.1.10

Tracert on other VMs and machines on the network fail the tracert and do not even reply from the gateway/firewall. Firewall logs do not show any dropped packets (endian 2.5.2) in the logs so it would appear that the packets are not even being sent to the default gateway for this single IP address.

No other networking issues seem to be present. All other addresses I have tried behave as expected.

Any ideas greatly appreciated before I lose whatever hair I have left!

Thanks
0
Comment
Question by:Dave Stoneham
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
11 Comments
 
LVL 4

Expert Comment

by:Rahul Patil
ID: 39945858
HI,

Please check

1)Time settings on the server are correct
2)Are unreachble machines are in different subnet?
3)Try to add static route to unraechable machine/Network

Regards,
Rtantra
0
 

Author Comment

by:Dave Stoneham
ID: 39945975
Thanks for the response.

All times on all machines in sync and correct (Domain network),
All machines on the local network (single subnet) are reachable. It is only the single external IP address that is unreachable.
I could try a static route on the problem Win7 machine but surely that would not affect all other machines that cannot reach the external address. They do not even seem to route to the default gateway.

Is there anything within the network (DNS etc.) that can blacklist a particular IP? All firewalls on machines being tested are disabled with only Endian out-facing firewall in operation.
0
 
LVL 83

Expert Comment

by:David Johnson, CD, MVP
ID: 39946066
Ensure that you are using an external switch in the hyper-v settings
0
Fill in the form and get your FREE NFR key NOW!

Veeam® is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

 

Author Comment

by:Dave Stoneham
ID: 39946080
Not sure what you mean here. The virtual network the vm is on has its own NIC. Is there anything else specifically to set?
0
 

Author Comment

by:Dave Stoneham
ID: 39946084
Just to add, this is a new problem for this specific IP that can't be reached. All was working fine 12 hours ago...
0
 
LVL 37

Expert Comment

by:bbao
ID: 39946903
i guess the host and VM are using static IP, right? if yes please check if the network mask on each host is corect.
0
 

Author Comment

by:Dave Stoneham
ID: 39947159
All VMs and host using static IPs class C with 24 bit masks (10.0.1.x).

Host has 3 VMs for SBS 2011, SQL LOB apps and software PBX.

It is the PBX VM that is suffering the problem. The VOIP provider went off line. Once provider resolved problems the PBX would not reconnect. On investigation, a ping from the PBX VM  returns successful showing the local machine address (10.0.1.10). Tracert shows single hop to local machine. The ping never seems to even reach the firewall so there is something on the local VM that thinks it has the external IP. Also pinging the VOIP provider from the host machine succeeds from 10.0.1.10.

Pinging from other machines outside the host and VMs but on same LAN subnet show timeout to that address although it is live (can be pinged from the firewall successfully).

I have completely removed and recreated the host virtual network (has its own adapter) with no change.

Getting stuck for ideas.
0
 
LVL 4

Expert Comment

by:Rahul Patil
ID: 39947424
Hi,

Is ping from unreachable machine  to other machines working?If not then try replacing/reconfiguring NIC?Also do you have tried assigning any other ip to unreachable machine and give a try?
0
 

Author Comment

by:Dave Stoneham
ID: 39947448
Unreachable machine is an external SIP provider that I know is up and running from other service users. It is only this single IP address that refuses to route out - doesn't even seem to reach the firewall.
0
 

Accepted Solution

by:
Dave Stoneham earned 0 total points
ID: 39952574
Now resolved. The apparent 'loopback' behaviour of the single IP address was due to a misconfigured firewall rule.
0
 

Author Closing Comment

by:Dave Stoneham
ID: 39963526
Once on site and the host and VMs isolated the problem disappeared and only returned when firewall reconnected. Easy to do on site but not so easy remotely.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question