VMware Cloud Community
Chandrashekhar
Contributor
Contributor

After VMotion, VM is in accessible outside host

Hi,

I have two ESX servers and some VM's running on it. I did VMotion (host change) using vCenter. After VMotion, I am not able to access moved VM outside the host on which it is currently running. I can ping from other VM's on same host to the new newly moved VM, but cannot ping from VM's on other host. Also, VMotioned VM is able to ping to other VM's on same host but unable to ping other VM's outside host.

Both the physical hosts are identical. VM was working perfectly before VMotion.

Does anyone knows reason behind it? and possible solution for it?

I read this article on communities, but couldn't make out what is the solution for this problem.

http://communities.vmware.com/message/372161;jsessionid=D6F72FF58A3B1B0839FDC84296D24722

Anyone knows how to solve this issue?

Reply
0 Kudos
35 Replies
AWo
Immortal
Immortal

Can other VM's which are on both ESX hosts using the peer vSwitches (the ones the moved guest comes from and was moved to) ping each other?


AWo

VCP / VMware vEXPERT 2009

vExpert 2009/10/11 [:o]===[o:] [: ]o=o[ :] = Save forests! rent firewood! =
Chandrashekhar
Contributor
Contributor

Yes, rest of the VM's can ping each other. Only Vmotioned VM is unable to ping any machine (physical and virtual) outside the host on which its running.

Situation is like this :

Configuration Before VMotion :

ESX SERVER 1

-> VM 1

-> VM 2

-> VM 3

-> VM 4

ESX Server 2

-> VM 5

-> VM 6

I VMotioned VM 3 from "ESX SERVER 1" to "ESX SERVER 2".

Configuration after VMotion :

ESX SERVER 1

-> VM 1

-> VM 2

-> VM 4

ESX Server 2

-> VM 5

-> VM 6

-> VM 3

Now, "VM 3" is able to ping "VM 5,6" and ESX Server 2 also but it is unable to ping "VM 1, 2, 4" and ESX server 1.

Also, I am not able to ping "VM 3" from any of the VM's on ESX server 1 but I am able to ping "VM 3" from VM5, 6.

What is the reason behind this problem?

Reply
0 Kudos
AWo
Immortal
Immortal

Can VM1 ping VM5?


AWo

VCP / VMware vEXPERT 2009

vExpert 2009/10/11 [:o]===[o:] [: ]o=o[ :] = Save forests! rent firewood! =
Chandrashekhar
Contributor
Contributor

Yes, VM1 can ping VM5 and VM5 can ping VM1.

Reply
0 Kudos
Chandrashekhar
Contributor
Contributor

Sorry for late reply and Yes, VM1 can ping VM5 and VM5 can ping VM1.

Reply
0 Kudos
Mllii
Enthusiast
Enthusiast

are all the VMs on the same port groups?

Reply
0 Kudos
AWo
Immortal
Immortal

Do you use some kind of VLAN tagging and the destination vSwitch is not connected to a port which is configured for this VLAN?


AWo

VCP / VMware vEXPERT 2009

vExpert 2009/10/11 [:o]===[o:] [: ]o=o[ :] = Save forests! rent firewood! =
Reply
0 Kudos
Chandrashekhar
Contributor
Contributor

yes, all the VM's are on same port group. I think, I have not configured vSwitch for VMotion. I did not selected "Notify switches" in "NIC TEAMING". Is this the reason behind my problem?

Reply
0 Kudos
Chandrashekhar
Contributor
Contributor

Hi,

My mistake was, I didnt enabled "Notify Switch " property in "Nic Teaming" tab. This property should be enabled on all the physical machines involved in VMotion i.e. both on source and destination machine.

Reply
0 Kudos
AWo
Immortal
Immortal

Usually this is necessary for the physical switches to learn the new path more quickly, but it should work without that, also. But as far as I know the default is to inform the switch.


AWo

VCP / VMware vEXPERT 2009

vExpert 2009/10/11 [:o]===[o:] [: ]o=o[ :] = Save forests! rent firewood! =
Reply
0 Kudos
Chandrashekhar
Contributor
Contributor

Yes, you are right. Even after enabling this option, problem still persists. Can you suggest any solution?

Reply
0 Kudos
AWo
Immortal
Immortal

Just a guess (and maybe my last idea) if your vSwitch has more than one physical NIC attached: is it possible that due to the load balancing policy used the moved guest always uses the same physical NIC and this one is not working or is configured to a wrong port (otherwise ESX should automatically use the working NIC)?


AWo

VCP / VMware vEXPERT 2009

vExpert 2009/10/11 [:o]===[o:] [: ]o=o[ :] = Save forests! rent firewood! =
Reply
0 Kudos
Chandrashekhar
Contributor
Contributor

Thanks for reply.

VSwitch on both ESX servers have only one NIC. As we are experimenting with vmware virtualization, we are not using dedicated NIC for VMotion.

Does vmware has any documentation which gives detailed steps to do VMotion OR any documentation for troubleshooting such issues?

Is this a totally new problem or anyone ever had this problem before me?

Where can I look for further help?

Reply
0 Kudos
Chandrashekhar
Contributor
Contributor

Hi,

I observed some strange behaviour after VMotion.

I will elaborate my VM and ESX configuration again :

ESX 1 :

--> VM 1

--> VM 2

--> VM 3

--> VM 4

ESX 2 :

--> VM 5

--> VM 6

If I move VM 6 from ESX 2 to ESX 1, I observe following :

From VM 6 , I am able to ping VM's on ESX 1 such as VM1, 2, 3 4 AND also VM on ESX 2 i.e VM 5.

I am able to ping VM 6 from VM 5.

Here, I thought my problem has been solved.

But If I move VM 6 back again to ESX 2 from ESX 1,

I cannot ping VM 1, 2, 3 , 4 from VM 6.

Also, from VM 1,2,3,4 I cannot ping to VM 6.

I read some other threads on communities. I have kept commong network label on both the hosts, IP address for VMotion is totally different and valid within the network. Default gateway is same for both the hosts.

Reply
0 Kudos
Chandrashekhar
Contributor
Contributor

Any suggestions?

Reply
0 Kudos
AWo
Immortal
Immortal

I would recommend to use a dedicated LAN for VMotion. However the IP addresses used for VMotion are for the actual move and are not related to the client communication (and the move works). But as I haven't had my hands on such a configuration I don't know if side effects possible.


AWo

VCP / VMware vEXPERT 2009

vExpert 2009/10/11 [:o]===[o:] [: ]o=o[ :] = Save forests! rent firewood! =
Reply
0 Kudos
AWo
Immortal
Immortal

All guests are in the same IP subnet? 192.168.1.0 for example?


AWo

VCP / VMware vEXPERT 2009

vExpert 2009/10/11 [:o]===[o:] [: ]o=o[ :] = Save forests! rent firewood! =
Reply
0 Kudos
Chandrashekhar
Contributor
Contributor

As if now, I do not have access to second NIC present on ESX server.

VM's get their IP addresses by DHCP, so their addresses change from 172.20.52.x to 172.20.56.xxx

I read document below, but couldnt solve the issue even after following steps mentioned in it.

Document mentions that I need to clear MAC address tables in physical switch. As I am not a network guy, I do not know how to do this.

Also, I dont think this is feasible solution because my application will do VMotion any time user wants but every time clearing MAC address table is not a clean solution.

Reply
0 Kudos
AWo
Immortal
Immortal

In general you do not need to take care about anything when VMotion is working. MAC addresses are learned by the switches very quick, so there is no need for manual intervention.

In fact, all TCP/IP stacks following the standard are requested to do an ARP request even if the packt is an answer for an incoming packet. By issuing the ARP request the host in question will answer and therby its MAC address is send along the new path over the new physical switch. This way the switch learns that this MAC address is visible on its port.

See, I'm moving guests very often between two different datacenters and there's nothing for me to do than just move the guest.

The article mentions port security on the switch, yes, that can be an issue. Ask your network guys to check that.

The IP addresses you use have which mask? 255.255.0.0 or 255.255.255.0 or ...?


AWo

VCP / VMware vEXPERT 2009

vExpert 2009/10/11 [:o]===[o:] [: ]o=o[ :] = Save forests! rent firewood! =
Reply
0 Kudos