Hi , i have an issue with esxi vpshere .
I built a windows server 2012 vm using workstation made all the connection test (ping gateway , ping other computers in the network ...) everything worked fine
Then i put my Windows server VM in a esxi vsphere server everything work great
The weird thing is when i start my vm in the esxi server UI my windows server receive his ip adresse through the dhcp server but i cant ping the gateway anymore and cant ping other computers in the network ?
briefly ....
1)The VM can ping the ESXI SERVER
2)THE ESXI server Can ping the VM
3)The esxi server can ping the default gateway
4) the vm CAN't ping the default gateway
Any ideas ?
Please describe your network schemas and how you've configured networking on the host.
Pretty simple network ; PC connected to 1 switch (port 1-4) and that switch (port 24) is connected to the router (subinterface GigabitEthernet0/1.99)
1 vlan (99)
Router also do nating (interface GigabitEthernet0/2) because it's an dev lab in school who has another network higher
the windows server vm and the esxi server has a static adresse (172.16.1.x) subnet 255.255.255.0
Default gateway is 172.16.1.1
-------------------------------------------------------------------------------------------------------------------------------------------------
Router config
Last configuration change at 19:07:53 UTC Fri Dec 1 2017
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
ip cef
!
!
!
!
!
ip dhcp excluded-address 172.16.1.1 172.16.1.30
!
ip dhcp pool ClIENT_LAN
network 172.16.1.0 255.255.255.0
dns-server 8.8.8.8
default-router 172.16.1.1
!
!
!
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
license udi pid CISCO2921/K9 sn FTX1824AH1U
!
!
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/1.99
encapsulation dot1Q 99
ip address 172.16.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/2
ip address dhcp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat inside source list 1 interface GigabitEthernet0/2 overload
!
access-list 1 permit 172.16.0.0 0.0.255.255
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
login
transport input all
!
scheduler allocate 20000 1000
!
end
SWITCH
Switch
no aaa new-model
switch 1 provision ws-c3750e-24td
system mtu routing 1500
ip routing
!
!
!
!
crypto pki trustpoint TP-self-signed-1754980992
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1754980992
revocation-check none
rsakeypair TP-self-signed-1754980992
!
!
crypto pki certificate chain TP-self-signed-1754980992
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31373534 39383039 3932301E 170D3036 30313032 30303031
33365A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 37353439
38303939 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100BA65 24C7C75C 0C7B461D E7C11F12 EFEC20C0 35812AEE 9258E5F7 C67B1596
99A2A4B3 D1EE15BE 021974AD 5C44FDD6 FEE27D81 F4C10A82 830646AC 5E332FAE
A8B4C7B6 9BA0D659 4745BD31 8E552B6D A235ECDF 2F00FCB2 4872F077 24C8DF9E
F7C4D855 8723FCC3 2F372CE1 C1755FDB 9C176D23 257C27B0 3D86B166 4A8398DA
2CF30203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 1417D019 2B4EFF4C 55029B3F 3A0F9912 D7C7919F FC301D06
03551D0E 04160414 17D0192B 4EFF4C55 029B3F3A 0F9912D7 C7919FFC 300D0609
2A864886 F70D0101 05050003 818100A3 CAC50E44 5D6A8532 4175AF87 875420D5
2A1C0AB1 9248EF06 57E700DA D2881FEF 1625FC7A A90AAE43 C6369AA8 022D41AA
D87A5A3A 013CAE7D 35B6DAF3 049C8FBE 93396963 D449B294 EED36BD2 506EBFD1
D4207A40 7C2EBA86 2FF68159 31C3EA12 DDE49CB4 98D91101 19D0E84B AA6B3D12
DB101D27 D1093AE5 D09090C2 911FD9
quit
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
!
!
!
!
!
vlan internal allocation policy ascending
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0
no ip address
no ip route-cache
!
interface GigabitEthernet1/0/1
switchport access vlan 99
switchport mode access
!
interface GigabitEthernet1/0/2
switchport access vlan 99
switchport mode access
!
interface GigabitEthernet1/0/3
switchport access vlan 99
switchport mode access
!
interface GigabitEthernet1/0/4
!
interface GigabitEthernet1/0/5
!
interface GigabitEthernet1/0/6
!
interface GigabitEthernet1/0/7
!
interface GigabitEthernet1/0/8
!
interface GigabitEthernet1/0/9
!
interface GigabitEthernet1/0/10
!
interface GigabitEthernet1/0/11
!
interface GigabitEthernet1/0/12
!
interface GigabitEthernet1/0/13
!
interface GigabitEthernet1/0/14
!
interface GigabitEthernet1/0/15
!
interface GigabitEthernet1/0/16
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
!
interface GigabitEthernet1/0/19
!
interface GigabitEthernet1/0/20
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
!
interface GigabitEthernet1/0/24
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
interface TenGigabitEthernet1/0/1
!
interface TenGigabitEthernet1/0/2
!
interface Vlan1
no ip address
!
interface Vlan99
ip address 172.16.1.15 255.255.255.0
!
ip default-gateway 172.16.1.1
ip http server
ip http secure-server
!
!
!
!
!
line con 0
line vty 0 4
login
line vty 5 15
login
!
end
Switch#
Pretty simple network ; PC connected to 1 switch (port 1-4) and that switch (port 24) is connected to the router (subinterface GigabitEthernet0/1.99)
1 vlan (99)
Router also do nating (interface GigabitEthernet0/2) because it's an dev lab in school who has another network higher
the windows server vm and the esxi server has a static adresse (172.16.1.x) subnet 255.255.255.0
Default gateway is 172.16.1.1
-------------------------------------------------------------------------------------------------------------------------------------------------
Router config
Last configuration change at 19:07:53 UTC Fri Dec 1 2017
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
ip cef
!
!
!
!
!
ip dhcp excluded-address 172.16.1.1 172.16.1.30
!
ip dhcp pool ClIENT_LAN
network 172.16.1.0 255.255.255.0
dns-server 8.8.8.8
default-router 172.16.1.1
!
!
!
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
license udi pid CISCO2921/K9 sn FTX1824AH1U
!
!
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/1.99
encapsulation dot1Q 99
ip address 172.16.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/2
ip address dhcp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat inside source list 1 interface GigabitEthernet0/2 overload
!
access-list 1 permit 172.16.0.0 0.0.255.255
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
login
transport input all
!
scheduler allocate 20000 1000
!
end
SWITCH
Switch
no aaa new-model
switch 1 provision ws-c3750e-24td
system mtu routing 1500
ip routing
!
!
!
!
crypto pki trustpoint TP-self-signed-1754980992
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1754980992
revocation-check none
rsakeypair TP-self-signed-1754980992
!
!
crypto pki certificate chain TP-self-signed-1754980992
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31373534 39383039 3932301E 170D3036 30313032 30303031
33365A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 37353439
38303939 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100BA65 24C7C75C 0C7B461D E7C11F12 EFEC20C0 35812AEE 9258E5F7 C67B1596
99A2A4B3 D1EE15BE 021974AD 5C44FDD6 FEE27D81 F4C10A82 830646AC 5E332FAE
A8B4C7B6 9BA0D659 4745BD31 8E552B6D A235ECDF 2F00FCB2 4872F077 24C8DF9E
F7C4D855 8723FCC3 2F372CE1 C1755FDB 9C176D23 257C27B0 3D86B166 4A8398DA
2CF30203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 1417D019 2B4EFF4C 55029B3F 3A0F9912 D7C7919F FC301D06
03551D0E 04160414 17D0192B 4EFF4C55 029B3F3A 0F9912D7 C7919FFC 300D0609
2A864886 F70D0101 05050003 818100A3 CAC50E44 5D6A8532 4175AF87 875420D5
2A1C0AB1 9248EF06 57E700DA D2881FEF 1625FC7A A90AAE43 C6369AA8 022D41AA
D87A5A3A 013CAE7D 35B6DAF3 049C8FBE 93396963 D449B294 EED36BD2 506EBFD1
D4207A40 7C2EBA86 2FF68159 31C3EA12 DDE49CB4 98D91101 19D0E84B AA6B3D12
DB101D27 D1093AE5 D09090C2 911FD9
quit
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
!
!
!
!
!
vlan internal allocation policy ascending
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0
no ip address
no ip route-cache
!
interface GigabitEthernet1/0/1
switchport access vlan 99
switchport mode access
!
interface GigabitEthernet1/0/2
switchport access vlan 99
switchport mode access
!
interface GigabitEthernet1/0/3
switchport access vlan 99
switchport mode access
!
interface GigabitEthernet1/0/4
!
interface GigabitEthernet1/0/5
!
interface GigabitEthernet1/0/6
!
interface GigabitEthernet1/0/7
!
interface GigabitEthernet1/0/8
!
interface GigabitEthernet1/0/9
!
interface GigabitEthernet1/0/10
!
interface GigabitEthernet1/0/11
!
interface GigabitEthernet1/0/12
!
interface GigabitEthernet1/0/13
!
interface GigabitEthernet1/0/14
!
interface GigabitEthernet1/0/15
!
interface GigabitEthernet1/0/16
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
!
interface GigabitEthernet1/0/19
!
interface GigabitEthernet1/0/20
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
!
interface GigabitEthernet1/0/24
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
interface TenGigabitEthernet1/0/1
!
interface TenGigabitEthernet1/0/2
!
interface Vlan1
no ip address
!
interface Vlan99
ip address 172.16.1.15 255.255.255.0
!
ip default-gateway 172.16.1.1
ip http server
ip http secure-server
!
!
!
!
!
line con 0
line vty 0 4
login
line vty 5 15
login
!
end
What does the networking configuration look like from the ESXi side? Show or describe the virtual switch topology and connectivity, please.
Will post at school in 3 hours . But i kinda didnt really configure the vswitch . so you can assume the default config . 2 interfaces , 1 for management , 1 for networking but will post detailed in 3 hours .
Thank you for looking daphnissov
Vswitch settings if you need more just ask
Looks like it has to do with your use of VGT. VGT isn't really recommended in your setup. Create a port group an assign it the 802.1Q tag that's specific to its broadcast domain (VLAN99 in your case) and make sure you clear any guest tags, then try your ping to the gateway.
My VLAN is set in mode access so the packets flagging shouldnt be an issue.
And it's a new config i've tried because when i start the VM i saw an error message sayin that promiscuous mode wasnt enable
I've read about promiscuous mode and it's seemed it'could be my issue
In the kb i read they says it's a good idea to use the 4095 vlan id because it allow every vlans .
Note that my ports on my physical switch are in access mode so it dont really use vlan tagging
Also , i will maybe look noob (im a student ) but what do you mean by VGT
Note that my esxy server is also virtual and he run on a Lubuntu machine i've seen that linux machine have an issue with promiscuous mode (or a special way to activate it )
If you still think it could be my issue i will try your idea but in the beginning i'im pretty sure i've tried to set my vlan as 99 in the network portgroup and the management portgroup
Thank you for your time .:)
My VLAN is set in mode access so the packets flagging shouldnt be an issue.
If your uplink port is in access mode for VLAN99, you don't need to allow all VLANs. You don't apply tags to the port at all if you want connectivity across that VLAN.
Note that my esxy server is also virtual and he run on a Lubuntu machine i've seen that linux machine have an issue with promiscuous mode (or a special way to activate it )
Ok, so you have a Lubuntu machine (physical?) that's running some hypervisor (what is it?) that's running ESXi that's running Windows 2012?
Also , i will maybe look noob (im a student ) but what do you mean by VGT
VGT = VLAN Guest Tagging. When you tag a port with 4095 you're allowing all VLANs for that port. In your case, if the uplink for that vswitch is in access mode for VLAN99, you don't apply any tags at all. VGT opens up complexity that it sounds like you aren't a candidate for. See this KB if you want some more information.
the below linked KB will give introduction to VGT, VST and EST..
In case of access mode with one vLAN on physical switch you are using EST.
I would be looking at your vswitch as well, no need to have tagged vlans if you physical switch is set to access points, you use these when the point is a trunk and you are sending multiple vlans to the Host