Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.
Basic Client Hyper-V test lab connectivity issue.
Hi Experts
I've built a small test lab using Client Hyper-V on my Windows 10 machine at home. It is in its infancy at the moment, as I am learning as I go. See attached diagram for an overview
I have set up a server and a client and given them both static IP addresses. I want to keep the servers away from the clients so I have set up a VyOS software router inbetween my two virtual switches. As far as I can tell I have set the router up correctly and i can ping the nearside interfaces from the server machine and also the client machine. However, when I try to ping the client machine from the server I get a Request Timed Out message.
I have disabled the firewall on both VMs and still get the same RTO message. I don't believe the firewall is set on the VyOS by default but I may be wrong ?
So what could be blocking the ping request getting back, if I am right the RTO means the ping request is reaching its destination but for some reason not getting back to the sender ??
I have not installed anything else such as AD DS, DHCP, DNS, anti-virus etc on either the server or the client as yet.
As I say I may be overlooking something fuundamental at this stage but I'm only just getting started with this and wanted to get it right.
Any help would be great
Thanks
Matthew
testlab.jpg
I've built a small test lab using Client Hyper-V on my Windows 10 machine at home. It is in its infancy at the moment, as I am learning as I go. See attached diagram for an overview
I have set up a server and a client and given them both static IP addresses. I want to keep the servers away from the clients so I have set up a VyOS software router inbetween my two virtual switches. As far as I can tell I have set the router up correctly and i can ping the nearside interfaces from the server machine and also the client machine. However, when I try to ping the client machine from the server I get a Request Timed Out message.
I have disabled the firewall on both VMs and still get the same RTO message. I don't believe the firewall is set on the VyOS by default but I may be wrong ?
So what could be blocking the ping request getting back, if I am right the RTO means the ping request is reaching its destination but for some reason not getting back to the sender ??
I have not installed anything else such as AD DS, DHCP, DNS, anti-virus etc on either the server or the client as yet.
As I say I may be overlooking something fuundamental at this stage but I'm only just getting started with this and wanted to get it right.
Any help would be great
Thanks
Matthew
testlab.jpg
Asked:
-
4
2
1 Solution
Thanks for that Cliff, I was thinking it was something to do with the VyOS install, but I wasn't sure. I will have a look again at that and see if ICMO routing is enabled.
Thanks
Matthew
Thanks
Matthew
A router has an external and an internal port. you can ping from the internal to the external but going the reverse way you can only ping the router and not the client unless you have configured NAT on the router to route ICMP to the client (and only 1 client)
Based on the diagram, I do not believe NAT is in play. You can certainly route between two subnets and ping all devices on either side.
Hi guys
I meant to say that I have set this up as a Private network at the moment, so no access to my home LAN or to the internet. I haven't set up NAT or anything like that.
Also, I am not currently using DHCP for the clients, but my intention is to set up a DHCP scope to provide IP addresses to the clients.
The idea is to keep the servers on a separate range to the clients.
From the research I have done ICMP is allowed by default on the VyOS router between
So perhaps I need to create a route on the router between the two subnets ?
Thanks
Matthew
I meant to say that I have set this up as a Private network at the moment, so no access to my home LAN or to the internet. I haven't set up NAT or anything like that.
Also, I am not currently using DHCP for the clients, but my intention is to set up a DHCP scope to provide IP addresses to the clients.
The idea is to keep the servers on a separate range to the clients.
From the research I have done ICMP is allowed by default on the VyOS router between
So perhaps I need to create a route on the router between the two subnets ?
Thanks
Matthew
Hopefully some can give me a bit more help with this or tell me if I'm barking up the wrong tree. I've done some more testing and I am getting
Ping from the server (10.10.1.2)
My server 10.10.1.2 can ping itself and the "nearside" of the router Ie eth0 (10.10.1.1) OK.
When I try to ping the "farside" of the router Ie, eth1 (10.10.2.1) I get : reply from 10.10.1.2: Destination host unreachable.
When I try to ping the Win10 client (10.10.2.10) I get : reply from 10.10.1.2: Destination host unreachable.
Ping from the Win10 client (10.10.2.10)
My Win10 client 10.10.2.10 can ping itself and the "nearside" of the router Ie eth1 (10.10.2.1) OK.
I can also ping the "farside" of the router IE. 10.10.1.1
When I try to ping the server (10.10.1.2) I'm getting : Request Timed Out
All the firewalls are switched off.
I may be in over my head with having separate subnets at this stage but it seems a fairly simple set up so I'm a bit stuck as to why it's not letting me ping both ways.
Any help would be greatly appreciated even if it is to say I've got it wrong and scrap it and start again :)
Thanks
Matthew
Ping from the server (10.10.1.2)
My server 10.10.1.2 can ping itself and the "nearside" of the router Ie eth0 (10.10.1.1) OK.
When I try to ping the "farside" of the router Ie, eth1 (10.10.2.1) I get : reply from 10.10.1.2: Destination host unreachable.
When I try to ping the Win10 client (10.10.2.10) I get : reply from 10.10.1.2: Destination host unreachable.
Ping from the Win10 client (10.10.2.10)
My Win10 client 10.10.2.10 can ping itself and the "nearside" of the router Ie eth1 (10.10.2.1) OK.
I can also ping the "farside" of the router IE. 10.10.1.1
When I try to ping the server (10.10.1.2) I'm getting : Request Timed Out
All the firewalls are switched off.
I may be in over my head with having separate subnets at this stage but it seems a fairly simple set up so I'm a bit stuck as to why it's not letting me ping both ways.
Any help would be greatly appreciated even if it is to say I've got it wrong and scrap it and start again :)
Thanks
Matthew
Hi Everyone
Just for completeness I wanted to give and update.
I added a RIP route on the router, but after I did that I was still getting the same errors. After a bit more playing around and not getting very far I decided to remove the NIC from the DC and re-add it. Once I did that and re-configured it with the static etc. I was able to ping the workstation on the farside of the router and vice-versa.
I'm not sure what fixed the issue, probably just a reboot !! But at least I can move on and get my lab set up how I wanted it.
Thanks again for the helpful comments.
Matthew
Just for completeness I wanted to give and update.
I added a RIP route on the router, but after I did that I was still getting the same errors. After a bit more playing around and not getting very far I decided to remove the NIC from the DC and re-add it. Once I did that and re-configured it with the static etc. I was able to ping the workstation on the farside of the router and vice-versa.
I'm not sure what fixed the issue, probably just a reboot !! But at least I can move on and get my lab set up how I wanted it.
Thanks again for the helpful comments.
Matthew
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
Join & Write a Comment Already a member? Login.
Featured Post
Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.
Tackle projects and never again get stuck behind a technical roadblock.
Join Now
That is an erroneous assumption. If ping was able to know that the packet reached its destination, it'd have no reason to report an error. A time-out can indicate a problem in either direction (or both.) And is very very likely your VyOS install not configured to route ICMP. Which is why near-side pings work.