Solved

Vmware host routing

Posted on 2014-07-25
25
286 Views
Last Modified: 2014-08-08
Hello EE,

I have guests on one host ( HOST1 - 192.168.40.101) that cannot ping guests on the other host ( HOST2 -192.168.40. 102.) However, HOST2  guests can ping HOST1 guests, so appears to be a routing issue . Please advise
0
Comment
Question by:davesnb
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 12
  • 10
  • 2
  • +1
25 Comments
 
LVL 20

Expert Comment

by:rauenpc
ID: 40219817
Is there a firewall anywhere? Are the guests on the same subnet? Do the guests have the same default gateway configured? Have you checked that the physical switches have correctly configured ports/vlans? Do you vSwitches have the correct vlan tags (or lack thereof)? Do some of the guests have software firewalls enabled but others not?
0
 

Author Comment

by:davesnb
ID: 40219853
Is there a firewall anywhere?
-There is no firewall

Are the guests on the same subnet?
-The guests are on the same subnet

 Do the guests have the same default gateway configured?
-The guests from both hosts use the same default gateway (192.168.40.1)

 Have you checked that the physical switches have correctly configured ports/vlans?
-Yes, physical boxes are ok patched into the same phisical switch

Do your vSwitches have the correct vlan tags (or lack thereof)?
**Please explain

Do some of the guests have software firewalls enabled but others not?
-All windows OS, the firewall service is disabled on all.
0
 
LVL 120
ID: 40219911
You have checked firewalls are OFF on the VMs ?

there is some weird connectivity issue occurring here....

192.168.40.101
192.168.40. 102

both of the above IP Addresses are on the same subnet, there is no routing required to reach them,

What are the VM IP Addresses ?

192.168.40.xxx ?

VMware ESXI does not provide any routing....

please upload screenshots of your networking.....
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 13

Expert Comment

by:Michael Machie
ID: 40219930
""Do your vSwitches have the correct vlan tags (or lack thereof)?
**Please explain""

I believe he is asking if the switch ports the computer is plugged in to is configured to allow that network scheme to speak to other devices in that scheme. Switch ports can be configured independently from each other on business class routers/switches. Using different vLANs (different IP schemes on the same network controlled by the switch) usually requires some configuration to have devices speak to each other across the vLANs and switch ports.

The machine that can ping properly may be set on a switch port that can speak to that scheme, whereas the same may not be true for the machine that cannot ping out properly.
0
 

Author Comment

by:davesnb
ID: 40219972
is there an independent setting on the vm guest instance ( or host instance) that deals with a "firewall"?
0
 
LVL 13

Expert Comment

by:Michael Machie
ID: 40220032
Just the embedded firewall application within the VM's operating system if it has one.
VMWare itself does not have an embedded firewall.
0
 
LVL 120
ID: 40220233
VMs can have a firewall, what is the OS ?
0
 

Author Comment

by:davesnb
ID: 40220238
The OS is 2012 and 2003 MS server . Where is the firewall setting on the vm guest instance ?
0
 
LVL 120
ID: 40220246
On the Network Interface.
0
 

Author Comment

by:davesnb
ID: 40220268
Can you be more specific please, this is 5.5 vmware client , connected to vcenter server .. Where do I browse to this firewall setting
0
 
LVL 120
ID: 40220494
The firewall settings are specific to the virtual machine OS, not vCenter Server, not vSphere Web Client.

Connect to the VM, via Console, RDP, and open Control Panel, and check Firewall is OFF.
0
 

Author Comment

by:davesnb
ID: 40220502
Right. As mentioned , the firewall service is disabled on all os
0
 
LVL 120
ID: 40220521
okay, can you upload screenshots of your hosts ESXi networking.
0
 

Author Comment

by:davesnb
ID: 40224313
Update;

I have a windows 2012 server "MQ1 - ip 192.168.40.194" on vm host 102 , and a windows 2012 server "MQ2 - ip 192.68.40.194" on vm host 101 . These MQ's are clustered using nlb with cluster ip 191 and 192, on tcp 1414 .

- Guests on 101 can ping all servers on 102 except "MQ1 - 192.168.40.194" . However, MQ2 can ping MQ1
- guests on 102 can ping all servers on 101 except "MQ2 -192.168.40.195". However, MQ1 can ping MQ2

All guest vm s on host 101 can ping the the cluster ip (40.192) each way , however there is no routing to the MQ1 (active) 1414 port which is clustered .

All physical servers on the same subnet ( 40.x) can ping MQ1 and telnet ok to port 1414.  All guest vms on the same host as MQ1 can ping and telnet ok to MQ1

Any ideas , much appreciated.
0
 
LVL 120
ID: 40224342
okay, can you upload screenshots of your hosts ESXi networking. (repeated!)
0
 

Author Comment

by:davesnb
ID: 40224568
here is the 102 host networking config, the 101 would be similar ..
vmware102.jpg
vmware102-1.jpg
vmware102-2.jpg
vmware102-3.jpg
vmware102-4.jpg
vmware102-5.jpg
0
 
LVL 120
ID: 40224575
please upload 101 so I can compare, at present I cannot compare anything....
0
 

Author Comment

by:davesnb
ID: 40224602
0
 

Author Comment

by:davesnb
ID: 40226685
Any ideas on this ? When the nlb cluster is spread across 2 hosts , guests on 101 ( same subnet) cannot connect to the active MQ1 listener tcp 1414 on 102 . However, the physical servers on the same subnet have no issues.
0
 
LVL 120
ID: 40226722
NLB is a different issue entirely.

This is the first time you've mentioned NLB?

is this Windows NLB ?
0
 

Author Comment

by:davesnb
ID: 40226737
Yes , this is windows nlb
0
 
LVL 120
ID: 40226795
and are all the issues with this?
0
 

Author Comment

by:davesnb
ID: 40226902
Yes , just with this connection.
0
 
LVL 120

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 500 total points
ID: 40226924
Okay, Microsoft NLB cause many issues with VMware vSphere

1. Check you are using Multicast as recommended by VMware.

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1006580

2. You must ensure that you have defined STATIC ARP entries on ALL your physical switches in your network, which you expect to see multicast traffic or NLB trafifc on or to.

http://kb.vmware.com/selfservice/search.do?cmd=displayKC&docType=kc&docTypeID=DT_KB_1_1&externalId=1006558
0
 

Author Closing Comment

by:davesnb
ID: 40248948
Many thanks, the multicast mode needed to be enabled .
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If we need to check who deleted a Virtual Machine from our vCenter. Looking this task in logs can be painful and spend lot of time, so the best way to check this is in the vCenter DB. Just connect to vCenter DB(default DB should be VCDB and using…
In this article, I will show you HOW TO: Perform a Physical to Virtual (P2V) Conversion the easy way from a computer backup (image).
Teach the user how to configure vSphere clusters to support the VMware FT feature Open vSphere Web Client: Verify vSphere HA is enabled: Verify netowrking for vMotion and FT Logging is in place or create it: Turn On FT for a virtual machine: Verify …
Teach the user how to install and configure the vCenter Orchestrator virtual appliance Open vSphere Web Client: Deploy vCenter Orchestrator virtual appliance OVA file: Verify vCenter Orchestrator virtual appliance boots successfully: Connect to the …

736 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question