Link to home
Start Free TrialLog in
Avatar of Tim Phillips
Tim PhillipsFlag for United States of America

asked on

Hyper-v guests cannot get to outside network (but can get to the host)

Hyper-v guests are not able to ping through an external switch to outside devices.  However, the guest CAN ping the hyper-v host... so I'm guessing is it related to the physical switch, possibly.  Problem is that most things I Google brings up vswitch related stuff.  I did see an article about using "internet connection sharing", but let's be honest that's not a real solution for a new dev server.

Also, it is the only NIC connected and I am using it for management too... which works...
Avatar of Philip Elder
Philip Elder
Flag of Canada image

Please post the result of the following run in an elevated PowerShell:

Get-VMSwitch | FL

Open in new window

Avatar of Tim Phillips

ASKER

User generated image
I'm using a Brocade switch with nothing crazy on it except no Spanning Tree (which I can turn on, but I doubt matters).
Is there a VLAN tag set to the VMs?
Avatar of Olgierd Ungehojer
Olgierd Ungehojer

You can read thru this article https://blogs.technet.microsoft.com/jhoward/2008/06/17/hyper-v-what-are-the-uses-for-different-types-of-virtual-networks/ I am guesting that problem is related with how you setup your virtual network.
I tried tagging the VM on VLAN1 which is the VLAN the hypervisor is in (no trunking or tagging involved).  Once I set it to VLAN1 it stopped being able to ping the hypervisor.  I'm guessing VLAN tagged traffic get's dropped.  But, again, ping works without using VLANs between the host and guest.

That article appears to simply explain how to make a vswitch.  Like the difference between internal, external and private vswitches.  I'm using an external vswitch.  No VMM and on Windows 2016.

Any other ideas?  The brocade does have two VLANS, but that port is hard coded for VLAN1 without tagging so I don't see that being the issue.
SOLUTION
Avatar of David Johnson, CD
David Johnson, CD
Flag of Canada image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Good question, but yeah the interface does have a gateway.  When I try to ping a server from the guest it responds "Destination host unreachable" which makes me think it is a routing issue.  However, when I "route print" on the guest I can clearly see the gateway in there as the default route.  0.0.0.0/0

I feel like either the vswitch is simply not bridging with the outside or something...  I recreated it, but can try again.  It is possible that I messed up the process somehow.  But, it doesn't seem terribly complex.  External vswitch and no other settings should work.

I checked arp -a on another server and it had zero entries for the guest vm in question even though I tried pinging it.  So, it seems that even on a layer 2 level it can't communicate.

Also, does any know what the physical switch requirements are for hyper-v?  I doubt there's much but thought I'd ask.  Again googling just turns up vswitch info.
oh yeah, sorry, DHCP doesn't work on guest, static works but only to ping the host
I suggest resetting the switch(es) to default and starting fresh.

There should be no tags or trunks assigned to the ports the Hyper-V server is connected.

Are the VMs able to PING each other if their address is set to static?
Guest VMs can ping each other on the same host.

I may have to resort to trying another switch or blanking out the config, but in lieu of that are there any things I should look at on the hyper-v host side?  I just did a route print on the host and it looks good.  Windows firewalls are off on both the guest and the host so... running out of options.

When I built the host I messed around with "networks" and may have goofed up something there.  Like forcibly changing the network profile from "unidentified network" to "private".  I already tried setting it to "public", but it didn't have an effect on this issue.  Besides, again, the firewall is off.
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Verified.  I tried plugging the hypervisor into another switch and it worked.  So the problem is actually the Brocade.  Thanks everyone!