VMware Cloud Community
clos80
Contributor
Contributor

Multiple L2 (Multiple VDS) in a VXLAN Fabric environment

Hi All,

I'm creating the same environment as the one describe at page 48 of the attached document. Basically I've two DCs, each DC has its own VDS. Using vCNS I've created a VXLAN fabric. The VTEP on the EAST DC is in a different subnet from the VTEP on the WEST DC. Between the DCs there is a switch with multicast forwarding enabled.

East DC VTEP IP address is 10.230.0.75, West DC VTEP IP address is 10.200.0.52. Virtual Wire is spannig accross the 2 DC with VNI 5002 and subnet 10.0.10.0.24.

One Linux VM-3 (IP 10.0.10.3) is sitting on the ESXi host with VTEP IP 10.230.0.75 (East), another Linux VM-1 (IP 10.0.10.1) is sitting on the ESXi host with VTEP IP 10.200.0.52 (West). The objective is to be able to ping between VM-1 and VM-3.

When I try ping VM-1 from VM-3 I see that VM-1 receives the arp request and it replies, but the arp reply never gets to VM-3.

I've exactly the same behvior when I ping VM-3 from VM-1.

Do you want what's going on? Is there way to sniff the traffic on the ESXi to see where the arp reply is goign?

Thx for you help,

Claudio.

Tags (3)
Reply
0 Kudos
3 Replies
RaymundoEC
VMware Employee
VMware Employee

Hello Claudio,

Try this, a VM with Windows or Linux and WireShark installed, then put in the same port group or dvportgroup of VTEP's then check or filter traffic to see only VXALN and ARP protocol.

Do not forget the promiscuous mode on switch if required.

check in two points, ESX where VM-1 is located and where VM-3 is located.

Hope this helps!

Ray.

+vRay
Reply
0 Kudos
clos80
Contributor
Contributor

Hi Ray,

Thx for you anwer. It looks like I can't assign the VTEP's port group to a VM, I got error "Failed to connect virtual device ethernet1".

Some additional information, if I sniff on the VTEP (where VM-1 is sitting) the traffic received from the VTEP toward VM-1, with the following command:

pktcap-uw --uplink vmnic5 --capture UplinkRcv

I can see the ARP request from VM-3 coming. But if I the sniff all the traffic sent from the VTEP toward the physical switch, with the following command:

pktcap-uw --uplink vmnic5 --capture UplinkSnd

I can't see the ARP reply sent from VM-1.

Is there a way so see the VTEP forwarding using esxcli commands? Can I manually add an entry in this table?

I'm really lost here as I don't understand where the ARP reply is going and how to troubleshoot the problem.

Thx for you help,

Claudio.

Reply
0 Kudos
clos80
Contributor
Contributor

Problem solved. It was a routing problem on the ESXi host :smileyconfused:. By default you don't have a default route.

Here is the command to add the default route from the shell:

esxcli network ip route ipv4 add --gateway x.x.x.x --network x.x.x.x/xx --netstack=vxlan

Reply
0 Kudos