VMware Networking Community
windfall
Contributor
Contributor
‎12-07-2016 02:32 AM

Guest VM is unable to talk to another guest VM on different ESXi host

Hi all,

I just build my NSX lab. I am having two guest VMs which cannot communicate when they are on different ESXI host 6.0.0U2. When I move the VM to same ESXI host, they can ping each other, etc. From NSX GUI, I did trace Flow and there is no blocking shown but the packet never to across another ESXi host. The two hosts are connected to the SAME NSX distributed logical switch. Any idea on this issue?

thanks.

Robin

0 Kudos
4 Replies
p0wertje
Hot Shot
Hot Shot
‎12-08-2016 06:07 AM

Hi,

You can do a ping test for the logical switch.

Go to the gui double click on the logical switch that is not working and try a ping

vxlan-ping.PNG

If the ping does not work, check you switch MTU settings. It should be minimal 1600

--

Chris

Cheers,
p0wertje | VCIX6-NV | JNCIS-ENT | vExpert
Please kudo helpful posts and mark the thread as solved if solved
0 Kudos
rajeevsrikant
Expert
Expert
‎12-08-2016 09:07 AM

@p0wertje - When normal ping is issued the packet size of it will be either 56 or 64 bytes. To this VLXAN adds 50 bytes of over head.

So the entire ping packet size will not exit more than 120 bytes. So in this case even if the MTU size is not set to 1600, the normal ping flow should be successful.


The above is my understanding . Correct if i am wrong.

0 Kudos
hansroeder
Enthusiast
Enthusiast
‎12-09-2016 11:11 AM

You are correct Smiley Happy

However, if you perform this check, it should tell you if you have an end-to-end MTU that's capable of handling the traffic + VXLAN overhead. So if this check is OK, you're safe to say that this is the case. As far as I know, this means that the packet is artificially crafted to resemble a "normal" packet size of 1500 bytes, plus the VXLAN overhead. I could be wrong, but this is a check that's used fairly often (in VMware training, amongst others) to check for the correct MTU size.

0 Kudos
walter12rom
Contributor
Contributor
‎12-09-2016 11:22 AM

I experienced a similar issue and it was all about distributed port group nic-teaming configuration. I have two hosts connected to a distributed switch. The hosts are physically connected to a physical switch through a 4 links channel-group. So because of that, the load balancing policy at distributed port groups must be set at Route based on IP hash.

0 Kudos