Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

VM can ping everything on it's own subnet... but not the default gateway (but everything else can)

Posted on 2016-10-20
9
Medium Priority
?
166 Views
Last Modified: 2016-11-01
So I have a VM, it can ping everything on it's own subnet, including stuff external to the esxi host.  But it can't ping the default gateway (which is a fortigate 100d).  The fortigate says it gets the ping and that it replies, but somehow this host is not getting the reply.

Any ideas?

How could I packet capture at the esxi level to see if the reply is being delivered to the VM?

The VM's address is 192.168.1.58

in fortigate I might do something like

diag sniffer packet any 'icmp and host 192.168.1.58' 4

And it would list info about packets for that host.... can I do similar in CLI (or GUI) in esxi to see if esxi thinks it is handing the packet to the host?  

Any of troubleshooting ideas?

Everything was fine and then this just happened randomly....
0
Comment
Question by:Xetroximyn
9 Comments
 
LVL 124
ID: 41853401
what does your networking look like ?

are the VM and ESXi host on the same network ?

can you ping the default gateway from the Host ?
0
 
LVL 5

Assisted Solution

by:Kylo Ren
Kylo Ren earned 500 total points
ID: 41855442
i would install wireshark on the host to see if the packets are getting dropped
0
 

Author Comment

by:Xetroximyn
ID: 41855549
The VM is on the esxi host.

Everything else on the subnet is working fine.  All other devices (including other VM's on the same ESXI host, and the esxi host itself, and all other physical devices) can ping everything on the subnet (192.168.1.x), they can ping the gateway  (192.168.1.1) and past the gateway. (say 8.8.8.8)

This one VM, can ping everything else on the same subnet.  So it can ping 192.168.1.2-254 but it can't ping 192.168.1.1.  

192.168.1.1 is a fortigate so I have run a sniffer and I see the pings come in and replies go out
diag sniffer packet any 'icmp and host 192.168.1.58' 4

I have wireshark on the PC, but I am not familiar with correct syntax to filter it down.   Can any one help with that?

In any case though, is there really a possibility wireshark could see the packet enter the PC if ping command is not seeing it?   That's why I was thinking about packet sniffing at the ESXI level.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 124
ID: 41855561
is this VM connected to the same VM portgroup as all the other VMs?

what network interface are you using in the VM? E1000 ?

firewall disabled on VM ?
0
 

Author Comment

by:Xetroximyn
ID: 41855589
same port group.  E1000.  Firewall is not disabled because it's on a domain that greys out that option, but it's just standard windows firewall.  Settings have not changed.  And it can ping all other IP's just not the gateway.  I'm sure there is no rule disallowing ping only from 192.168.1.1.

Is it possible to easly packet sniff at esxi level like it is on our fortigate?  That's what I would really like to do.  To confirm if esxi thinks it's delivering the packets to the PC.

Not sure if I mentioned this before but it did this once before and resolved itself before I had much chance to troubleshoot.
0
 
LVL 124
ID: 41855600
just quickly STOP the firewall service in the OS via services, and check....if you can ping this default gateway, if stiil issues....

also change the interface to VMXNET3 which you should be using for all VMs, rather than the E1000 legacy emulated interface.

and then repeat ping with and without firewall running.
0
 

Author Comment

by:Xetroximyn
ID: 41855607
Ah - didn't realized I could disable service in services panel.  :-)  Did that, still no ping to gateway.  Looks like I need to reboot in order to add new network card.  I am hoping, if its possible, to do a packet sniff at esxi level before rebooting just to see what esxi is seeing.  

I wonder if i reboot if the problem will resolve itself again, and I will have lost another chance to troubleshoot deeper.

Thanks!
0
 
LVL 124

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 1000 total points
ID: 41855620
Network interfaces are HOT ADD, Plug and Play. No need to reboot.

Simple Add a new VMXNET3 network interface, and Disable the old legacy  e1000, re-test with ping, with firewall disabled. (service stopped)

you want to packet sniff at the host, be my guest...

Using the pktcap-uw tool in ESXi 5.5 and later (2051814)

Monitoring network traffic from within a virtual machine on a VMware vSphere ESX/ESXi server (1038847)

Capturing a network trace in ESXi using Tech Support Mode or ESXi Shell (1031186)

http://www.vmwarearena.com/how-to-capture-network-trafficpacket-on-esxi-hosts/

As for installing Wireshark on ESXi, you may want to ask @Aaron Goodman! normally you take the output captured on ESXi and load into Wireshark on a Windows PC.
0
 
LVL 20

Assisted Solution

by:compdigit44
compdigit44 earned 500 total points
ID: 41856308
For the port group which load balancing options do you have selected? Route based on originating IP, IP hash etc... If you switches are not setup in a bonded pair ie: etherchannel/LACP you should leave it at the default of Route based on IP hash
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Make the most of your online learning experience.
In this article, the configuration steps in Zabbix to monitor devices via SNMP will be discussed with some real examples on Cisco Router/Switch, Catalyst Switch, NAS Synology device.
In this video tutorial I show you the main steps to install and configure  a VMware ESXi6.0 server. The video has my comments as text on the screen and you can pause anytime when needed. Hope this will be helpful. Verify that your hardware and BIO…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question