Re: Service consoles unable to ping each other

dcops · ‎09-13-2010

We have a 4 node ESX 4.1 cluster. The service consoles are on trunked 10g uplinks configured on correctly tagged port groups. Networking works fine except for connections from host to host. Unable to ping, SSH, etc. from one host to another. VMs, windows on other VLANs connect to all 4 hosts fine both directions. VMs are running, including vCenter without issue. Unable to enable HA due to this host-host connectivity issue.

chadwickking · ‎09-13-2010

Can you provide a few more detials on your networking as far as your sevice console port group and ip ranges.

Have you checked to see if you may have ACLs enabled on that vlan that the SC port is on? The classic deny - any - any Cisco gotcha. Also are you using a distributed switch, vSwitch, or Cisco 1000v?

Sounds like it could be that trunking may not be set up correctly or something with routing of communication. Can you also try DNS vs. IP. I am not sure this helps but trying my best to help ya figure this out. A netowrk layout or desciprtion would be helpful

Regards,

Chad King

VCP

"If you find this post helpful in anyway please award points as necessary"

Cheers, Chad King VCP4 Twitter: http://twitter.com/cwjking | virtualnoob.wordpress.com If you find this or any other answer useful please consider awarding points by marking the answer correct or helpful

AWo · ‎09-14-2010

Welcome to the forums!

Have you opened the appropriate ports in the ESX console firewall?

AWo

VCP 3 & 4

\[:o]===\[o:]

=Would you like to have this posting as a ringtone on your cell phone?=

=Send "Posting" to 911 for only $999999,99!=

vExpert 2009/10/11 [:o]===[o:] [: ]o=o[ :] = Save forests! rent firewood! =

chadwickking · ‎09-14-2010

That would be a good start too 😕

Regards,

Chad King

VCP

"If you find this post helpful in anyway please award points as necessary"

Cheers, Chad King VCP4 Twitter: http://twitter.com/cwjking | virtualnoob.wordpress.com If you find this or any other answer useful please consider awarding points by marking the answer correct or helpful

dcops · ‎09-14-2010

Firewall was one of the first things we checked, hosts can ping in/out so ICMP not blocked. Hosts cannot ping each other...actually VMs on same VLAN are also unable to ping each other so suspect Trunking misconfig.

dcops · ‎09-14-2010

Using distributed switching, no ACLs, Emulex NICs are patched to fabric extenders connected to Cisco Nexus 5Ks. Everything resolves correctly fwd/reverse as our DNS servers are on different VLAN. Here are ping results:

# ping scaesx03

PING scaesx03.rpega.com (10.61.0.24) 56(84) bytes of data.

From scaesx01.rpega.com (10.61.0.22) icmp_seq=1 Destination Host Unreachable

From scaesx01.rpega.com (10.61.0.22) icmp_seq=2 Destination Host Unreachable

From scaesx01.rpega.com (10.61.0.22) icmp_seq=3 Destination Host Unreachable

--- scaesx03.rpega.com ping statistics ---

4 packets transmitted, 0 received, +3 errors, 100% packet loss, time 3008ms

, pipe 3

# ping 10.61.0.24

PING 10.61.0.24 (10.61.0.24) 56(84) bytes of data.

From 10.61.0.22 icmp_seq=1 Destination Host Unreachable

From 10.61.0.22 icmp_seq=2 Destination Host Unreachable

From 10.61.0.22 icmp_seq=3 Destination Host Unreachable

virtualdive · ‎09-15-2010

you might wanna check the below files and see if both the files have exactly same configuration....sometimes there are misconfigurations, just in case

hosts

resolve.conf

esx.conf

network.conf

thanks

Vish,

VCP4

Hyper-V

Regards,

'V'
thevshish.blogspot.in
vExpert-2014-2021

mwpreston · ‎09-15-2010

Is it the service consoles that cannot ping each other, or are you referring to the ports/nics/vmkernel that you have assigned for vMotion. If the case is the latter you will need to use vmkping instead of simply ping.

There is kb article here

chadwickking · ‎09-15-2010

Usually when you get "destination host unreachable" it has almost always been routing problem in my case. I would still say it seems more of a vlan trunking type of issue since it seems that its not tagging frames correctly. You could always do a test with virtual switches to see if it changes, but like I said I dont think that is the problem.

Here is an old ppt on routing for esx host - this one is old but I think its still a good read:

http://download3.vmware.com/vmworld/2006/tac9689-b.pdf

Cheers,

Chad King

VCP-410 | Server+

"If you find this post helpful in anyway please award points as necessary"

Cheers, Chad King VCP4 Twitter: http://twitter.com/cwjking | virtualnoob.wordpress.com If you find this or any other answer useful please consider awarding points by marking the answer correct or helpful

chadwickking · ‎09-15-2010

Wow, I totally forgot about that very thing. I didnt see the kb article so I just noted it here:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=100372...

Regards,

Chad King

Cheers, Chad King VCP4 Twitter: http://twitter.com/cwjking | virtualnoob.wordpress.com If you find this or any other answer useful please consider awarding points by marking the answer correct or helpful

dcops · ‎09-15-2010

Everything on ESX side appears to be configured correctly, our network team is looking at routing but no fix yet. If trunking is turned off everything works fine but we're then stuck on a single VLAN. The service console and VM networking on each host are on distributed switches uplinked with 2 10g NICs to the fabric extenders. These connections are trunked. Port Groups are tagged appropriately.

chadwickking · ‎09-15-2010

What were the results of the vmkping from host to host? still no help?

Cheers, Chad King VCP4 Twitter: http://twitter.com/cwjking | virtualnoob.wordpress.com If you find this or any other answer useful please consider awarding points by marking the answer correct or helpful

jcwuerfl · ‎09-16-2010

I've had the same issue a couple of times. Once was the vlan number was missing so make sure that is there on all of them. Also make sure your default vlan is 1 on your physical switch side, then add the other vlans you need to get to.

Here is an example of the setup:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=100407...

All

Service consoles unable to ping each other