fvogel
Contributor

Gateway and DC conflict

Hi,

We have an ESX3.5 server set up as a lab testbed. I have created several isolated networks, each on their own isolated vSwitch. I use a lightweight gateway (IPCop) to bridge to the outside world if necessary. Inside the switch each developer has a full 192.168.80.x network. The gateway is 192.168.80.1. This setup works fine for almost every VM I drop onto a switch, until one of them is a domain controller.

Currently I have one switch with 2 VMs behind it. One is a DC. With that in there my gateway stops working and my VMs can no longer see the outside world. I don't know much about how DCs work. My hope is that someone here can provide a quick explanation of what is happening and suggest some workarounds.

Thanks,

Fred

RParker
Immortal

Post the GW of the DC and ALL the IP parameters as well as the VM Switch settings for that segment on the ESX host.

Then we can look at what is going on.

fvogel
Contributor

I attached a notepad file that has some of the IP info you wanted. Let me know if you need something else. In my first post I made an error; this is a 192.168.254.x network.

Thanks,

Fred

ctfoster
Expert

When you say the VMs 'can't see' other hosts, do you mean they can't ping out using the IP address of an external host or can ping using an FQDN?

I also notice host iwcasd02 has routing IP enabled according to ipconfig - any reason why?

fvogel
Contributor

Right, to be clear. The only thing that these boxes can ping are VMs inside the same vSwitch. The gateway is not providing the gateway functionality. So I cannot ping/connect to anything via hostname or IP address outside. This gateway configuration works on my other vSwitch networks and worked with iwcasd02 until I turned on the VM with the DC.

As for your questions concerning routing IP, I do not know why it is turned on. I will see if any applications require this and shut it down if it is not required; but I can tell you that prior to turning on the DC VM that VM was able to use the gateway. I did reinstall VMware Tools on that machine and reboot. Honestly, I don't really understand how DCs work; I suppose when that machine came back up with the DC turned on it became part of the domain and that ultimately is what is screwing everything up. Please bear with me, I'm a developer and not an IT admin.

Thanks

ctfoster
Expert

DCs are nothing special - they obey the same laws of networking as everything else.

Turn the DC off. From one of the VMs that can now ping an external address, type the following commands and capture the output of the arp commands.

ping <external address>

arp -a

Now bring up the DC and repeat - assuming it's now not working - and also capture the output of the arp command.

Also, does your DC run DHCP?
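
Added example, not part of ctfoster's post or the original thread: one way to compare the two `arp -a` captures requested above. The sample outputs, MAC addresses and the gateway address 192.168.254.1 are constructed assumptions; the helper names are hypothetical.

```python
import re

# Constructed samples of Windows `arp -a` output (not taken from the thread).
BEFORE = """\
Interface: 192.168.254.20 --- 0x2
  Internet Address      Physical Address      Type
  192.168.254.1         00-0c-29-aa-bb-01     dynamic
  192.168.254.30        00-0c-29-aa-bb-30     dynamic
"""
AFTER = """\
Interface: 192.168.254.20 --- 0x2
  Internet Address      Physical Address      Type
  192.168.254.1         00-0c-29-aa-bb-10     dynamic
  192.168.254.10        00-0c-29-aa-bb-10     dynamic
  192.168.254.30        00-0c-29-aa-bb-30     dynamic
"""

# One table row: IPv4 address, dash-separated MAC, entry type.
ROW = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+((?:[0-9a-f]{2}-){5}[0-9a-f]{2})\s+\w+\s*$",
    re.I,
)

def parse_arp(text):
    """Return {ip: mac} from `arp -a` output, skipping headers,
    broadcast and IPv4 multicast entries."""
    table = {}
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue
        ip, mac = m.group(1), m.group(2).lower()
        if mac == "ff-ff-ff-ff-ff-ff" or mac.startswith("01-00-5e"):
            continue
        table[ip] = mac
    return table

def compare(before, after, gateway):
    """Report IPs whose MAC changed between captures and MACs that now
    answer for more than one IP (e.g. another host claiming the gateway)."""
    old, new = parse_arp(before), parse_arp(after)
    changed = {ip: (old[ip], new[ip])
               for ip in old.keys() & new.keys() if old[ip] != new[ip]}
    owners = {}
    for ip, mac in new.items():
        owners.setdefault(mac, []).append(ip)
    shared = {mac: sorted(ips) for mac, ips in owners.items() if len(ips) > 1}
    return {"gateway_changed": gateway in changed,
            "gateway_missing": gateway not in new,
            "changed": changed, "shared_macs": shared}
```

A changed or shared MAC for the gateway address means a different interface is now answering for it; an unchanged table points the investigation away from layer 2 and toward routing or DNS on the hosts.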

fvogel
Contributor

Hi,

I will have to reply to this tomorrow. The person using the VMs can't have them disturbed right now. I will let you know as soon as I can. I did some research on IP Routing Enabled and I do not know why it is on; in fact, I don't know how to turn it on and off. I'll look into that and try to disable it; after having read what it does, that could be a problem.

Thanks

Fred

fvogel
Contributor

Sorry for the extreme delay in responding to this. It took two weeks for me to be able to get back on the machine.

CTFoster, you were ultimately correct. After your comment about IP Routing being enabled I did some research. When I turned it off, everything started working the way it should. It had nothing to do with the DC at all. Once again, thank you for your advice.

Fred
