3 Replies Latest reply on Jul 29, 2015 9:48 PM by Gaurav_Sangamnerkar

    Cant ping between VXLANs

    pwright84 Novice

      Hi all I have the following setup

       

      Host1

      VM1 VXLAN 5001 172.16.10.11

      VM5 VXLAN 5002 172.16.20.12

       

      Host2

      VM2 VXLAN 5001 172.16.10.12

      VM3 VXLAN 5002 172.16.20.11

      VM4 VXLAN 5003 172.16.30.11

       

      DLR-1

      LIF - VXLAN 5001 172.16.10.1

      LIF - VXLAN 5002 172.16.20.1

      LIF - VXLAN 5003 172.16.30.1

       

      All VMs can ping their default gateway (.1) and all VMs can ping other VMs in the same VXLAN even across hosts e.g VM1 and VM3. However no VM can ping another VM in a different VXLAN even on the same host e.g VM1 to VM5. When I logon to the DLR CLI I can ping all the .1 address but cant ping the VMs. Firewalls have no deny/reject rules. Anybody have any idea why this isn't working?

        • 1. Re: Cant ping between VXLANs
          azharsoomro Novice
          VMware Employees

          Please make sure that all these logical switches are connected to the same global transport zone.

           

          Then check the controller status.show control-cluster startup-nodes

           

          Also check if controllers have NTP and DNS configured

          # show network ntp-servers
          # show network ntp-status

           

          Also can you please check the gateway for the vxlan on each host and make sure it is configured. This is separate from the tcp/ip segment default gateway.

           

          You can also use the following commands for troubleshooting , to make sure arp and mac addresses are passed along

           

           

          show control-cluster logical-switches vtep-table 5001

          show control-cluster logical-switches vtep-table 5002

          show control-cluster logical-switches vtep-table 5003

           

          show control-cluster logical-switches mac-table 5001

           

          Thanks

          Azhar

          • 2. Re: Cant ping between VXLANs
            balarajugopinath Enthusiast

            Login to the Controller

            At the command prompt, run the following commands and review the command output.

            show control-cluster logical-switches vtep-table 5001

            show control-cluster logical-switches mac-table 5001

            show control-cluster logical-switches arp-table 5001

             

            show control-cluster logical-switches vtep-table 5002

            show control-cluster logical-switches mac-table 5002

            show control-cluster logical-switches arp-table 5002

             

            show control-cluster logical-switches vtep-table 5003

            show control-cluster logical-switches mac-table 5003

            show control-cluster logical-switches arp-table 5003

            If the ARP-table is empty,

             

            Please check the interfaces ip's configured in the DLR

            • 3. Re: Cant ping between VXLANs
              Gaurav_Sangamnerkar Novice

              I would agree with Azhar,

               

              What is the configuration of your transport zone ?

               

              Go to vCenter --> Networking & Security --> Installation --> Logical Network Preparation

               

              Check your transport zone status here ..  Does the transport zone includes clusters containing all the hosts ?  Is the control plane mode set to Unicast ?

               

              Gaurav