Network Connection issues with VM

officeboy

n00b
Joined
Sep 28, 2011
Messages
38
Strange things happening here, and it seems like it should be so simple, but I cannot figure out what could be wrong. I have 3 physical servers, 7 or 8 virtual ones, 2 VLANs.

All have net access (although some complain about no connection until I ping something).

The real issue: the Primary Domain Controller (server A) cannot ping the Secondary Domain Controller (server B) and vice versa (Destination host unreachable). Server C can ping both A and B. A and B cannot ping server C (Request Timed Out). Server D can ping server A, but not servers B or C. All can ping the gateway; it is a pfSense VM on VM#2.

GW=10.0.10.1/22
A=10.0.10.4/255.255.252.0 (VM1)
B=10.0.10.5/255.255.252.0 (VM2)
C=10.0.10.10/255.255.252.0 (VM2)
D=10.0.10.11/255.255.252.0 (VM1)

A and D are on the same physical host and B and C are on the same host.

Any suggestions on where to even start?
 

officeboy

Seems there are some redundant switching problems. I'll make a diagram and post back.

[Image: OzibC.png]

Cutting one of the switches out seems to put 90% of the network back up and running. Switches are Dell PowerConnect 2816s.
 

silasbear

Limp Gawd
Joined
Jul 14, 2005
Messages
449
Are your physical VMs trunked properly to the switches, and are all VLANs properly trunked between physical switches?

Do you have proper routing in between the VLANs?
 

officeboy

The only routing is happening at the pfSense VM. It is using vlan2 and the switch ports are all tagging as vlan2. So are the vSwitches (no options for passing packets untagged or tagged that I know of there). Also, Vlan-A is just untagged, or part of the default Vlan1 (I just want Vlan2 traffic separated out).

After unplugging one of the Dell switches everything started working again. STP seemed to be working, so maybe I should set up the ports on the vSwitches to have one NIC as failover and not try to have both as active? I can't set up a multi-switch LAG group, can I?
 

NetJunkie

[H]F Junkie
Joined
Mar 16, 2001
Messages
9,682
What's your load-balancing method set to in vSphere? Hash based on Virtual Port ID?
 

NetJunkie

You're not doing a LAG group here, as you can't without stacked/VSS/vPC/whatever-capable switches, and these aren't. You're creating a load-balancing team, which will work fine IF you set the hashing mechanism right. For this it needs to be hash based on virtual port ID or based on MAC address.
 

NetJunkie

It was set to the default, "Route based on originating virtual port ID".

Make sure the port-group isn't overriding the vSwitch or anything. Else your network config appears valid.

EDIT: I assume your two switches are cross connected and trunking both VLANs across.
 

officeboy

Well, I have moved a bunch of things around, unplugged 1/2 of everything, and I can determine that VlanA is working across both switches. But VlanB does not seem to transfer anything from one switch to the next.
BTW, these are Dell PowerConnect 2816s, and they seem to be known for VLAN troubles.

Right now I have VMs plugged into switch #1 and the cross connections hooked up from switch to switch (VlanA and B separately). Switch #2 VlanA is plugged into Network A. A workstation plugged into Switch #2 will not get any type of connection to/from the VMs. Moving said workstation to VlanA results in immediate IP address assignment and connection.

There isn't really much to configure: tagged or untagged ports, Unauthorized Users y/n, admit all frames or tagged only, and ingress filtering y/n.

I've tried all tagged, all untagged, and only cross connections tagged. I can't disable ingress filtering. Admit all frames is on.
 

Autopia

Limp Gawd
Joined
Feb 24, 2006
Messages
246
Correct me if I'm wrong, but don't you need a route from vlan1 to vlan2 and vice versa? That should correct the problem if you don't have one.
 

officeboy

Pff... as an idea to really just try everything, I added VlanB tagging to the VlanA crosslink port on both switches. Instantly it works, plus redundancy?? I unplugged either cross connection cable and VlanB was solid each time.
I dislike finding a solution by some sort of random guess; it's not very helpful in figuring something out. Does anyone know why this worked vs. having no ports sharing VLANs?
 

officeboy

Correct me if I'm wrong, but don't you need a route from vlan1 to vlan2 and vice versa? That should correct the problem if you don't have one.

pfSense is routing A to B. But really all I was/am looking for at this point is VlanB to connect to VlanB on the other switch.
 