Solved

Basic Client Hyper-V test lab connectivity issue.

Posted on 2017-03-15
7
75 Views
Last Modified: 2017-03-20
Hi Experts

I've built a small test lab using Client Hyper-V on my Windows 10 machine at home.  It is in its infancy at the moment, as I am learning as I go.  See attached diagram for an overview

I have set up a server and a client and given them both static IP addresses.  I want to keep the servers away from the clients so I have set up a VyOS software router inbetween my two virtual switches.  As far as I can tell I have set the router up correctly and i can ping the nearside interfaces from the server machine and also the client machine.  However, when I try to ping the client machine from the server I get a Request Timed Out message.

I have disabled the firewall on both VMs and still get the same RTO message.   I don't believe the firewall is set on the VyOS by default but I may be wrong ?

So what could be blocking the ping request getting back, if I am right the RTO means the ping request is reaching its destination but for some reason not getting back to the sender ??

I have not installed anything else such as AD DS, DHCP, DNS, anti-virus etc on either the server or the client as yet.

As I say I may be overlooking something fuundamental at this stage but I'm only just getting started with this and wanted to get it right.

Any help would be great

Thanks
Matthew
testlab.jpg
0
Comment
Question by:Fantomas01
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 58

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 42049108
"if I am right the RTO means the ping request is reaching its destination but for some reason not getting back to the sender"

That is an erroneous assumption. If ping was able to know that the packet reached its destination, it'd have no reason to report an error. A time-out can indicate a problem in either direction (or both.) And is very very likely your VyOS install not configured to route ICMP. Which is why near-side pings work.
1
 

Author Comment

by:Fantomas01
ID: 42049122
Thanks for that Cliff, I was thinking it was something to do with the VyOS install, but I wasn't sure.  I will have a look again at that and see if ICMO routing is enabled.

Thanks
Matthew
0
 
LVL 80

Expert Comment

by:David Johnson, CD, MVP
ID: 42049150
A router has an external and an internal port.  you can ping from the internal to the external but going the reverse way you can only ping the router and not the client unless you have configured NAT on the router to route ICMP to the client (and only 1 client)
0
Backup Solution for AWS

Read about how CloudBerry Backup fully integrates your backups with Amazon S3 and Amazon Glacier to provide military-grade encryption and dramatically cut storage costs on any platform.

 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 42049189
Based on the diagram, I do not believe NAT is in play. You can certainly route between two subnets and ping all devices on either side.
0
 

Author Comment

by:Fantomas01
ID: 42049220
Hi guys

I meant to say that I have set this up as a Private network at the moment, so no access to my home LAN or to the internet.  I haven't set up NAT or anything like that.

Also, I am not currently using DHCP for the clients, but my intention is to set up a DHCP scope to provide IP addresses to the clients.

The idea is to keep the servers on a separate range to the clients.

From the research I have done ICMP is allowed by default on the VyOS router between
So perhaps I need to create a route on the router between the two subnets ?  

Thanks
Matthew
0
 

Author Comment

by:Fantomas01
ID: 42051958
Hopefully some can give me a bit more help with this or tell me if I'm barking up the wrong tree.  I've done some more testing and I am getting

Ping from the server (10.10.1.2)

My server 10.10.1.2 can ping itself and the "nearside" of the router Ie eth0 (10.10.1.1) OK.
When I try to ping the "farside" of the router Ie, eth1 (10.10.2.1) I get : reply from 10.10.1.2: Destination host unreachable.
When I try to ping the Win10 client (10.10.2.10)  I get : reply from 10.10.1.2: Destination host unreachable.

Ping from the Win10 client (10.10.2.10)

My Win10 client 10.10.2.10 can ping itself and the "nearside" of the router Ie eth1 (10.10.2.1) OK.
I can also ping the "farside" of the router IE. 10.10.1.1
When I try to ping the server (10.10.1.2) I'm getting : Request Timed Out

All the firewalls are switched off.

I may be in over my head with having separate subnets at this stage but it seems a fairly simple set up so I'm a bit stuck as to why it's not letting me ping both ways.

Any help would be greatly appreciated even if it is to say I've got it wrong and scrap it and start again :)

Thanks
Matthew
0
 

Author Comment

by:Fantomas01
ID: 42055485
Hi Everyone

Just for completeness I wanted to give and update.

I added a RIP route on the router, but after I did that I was still getting the same errors.  After a bit more playing around and not getting very far I decided to remove the NIC from the DC and re-add it.  Once I did that and re-configured it with the static etc. I was able to ping the workstation on the farside of the router and vice-versa.

I'm not sure what fixed the issue, probably just a reboot !!  But at least I can move on and get my lab set up how I wanted it.

Thanks again for the helpful comments.

Matthew
0

Featured Post

Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Windows 10 came with  a lot of built in applications, Some organisations leave them there, some will control them using GPO's. This Article is useful for those who do not want to have any applications in their image (example:me).
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question