Networking issues ESX 5.5


I have set up an ESX box to run a few small VMs on. It's got a single vswitch to my network, I'm running a VLAN for data.

I configured the first one, got it all working, static IP etc. all fine.

I create the second one, go through everything and it will not connect to the network, it's always "unidentified network". Settings are identical, I've even rebuilt it.

The strange thing is, if I reboot them and get the 2nd server up first, it works on the network, but the 1st server doesn't. I can swap between the 2 like this all the time.

It just won't let BOTH be on the network at the same time.

Advice?

Link to comment
Share on other sites

So you're saying you cannot have more than 1 VM running at a time?

What is the vlan setup you have, and what is your setting on the vswitch for vlans? You would have to set 4095 on the vswitch to allow trunking and then vlan tags on your VMs' interfaces. Are you talking to these machines from the physical network? What do you have set up for your vlans on your physical switch?

Did you clone the first VM or something? What is the mac on the virtual nic of each VM?

Out of curiosity, why would you just set up 5.5 when 6 has been out for some time now?

Link to comment
Share on other sites

Share the network config as sc302 requested. It sounds like you may have an IP conflict on the network.

Link to comment
Share on other sites

Both VMs run, only 1 works at a time on the network.

VLAN is 201. If I have it on 4095, it is the same behaviour. So, currently the ESX box is set up to VLAN 4095, and servers both set to 0 VLAN, but 1 is working, the other not. If I restart them, it will swap around. I've tagged them both on 201 and it doesn't make any difference.

No cloning, and the MAC addresses are different. We have no mac filtering either.

No conflict on IP, I've tried loads. And DHCP doesn't work on the 2nd server, not tried it on the first. Like I say, if I turn one off, the 2nd one works without changing ANYTHING, VLAN, IP etc.

I was told to use 5.5!

Link to comment
Share on other sites

I've just added the VLAN to the 1st server, and it stops working on the network.

The physical ports on the switch are VLAN'd to 201 too, do I need this?

Link to comment
Share on other sites

I use everything from 4-5 (I have multiple 5.x environments at work currently)... none have the issues you are seeing. I would need more information to help you; you probably fubar'd your vswitch setup by trying to do something outside the defaults... can't tell from here as I can only see what you have written, I can't see your config. And being that I can't see your config, I can only state that yes, you do have a problem and it is because it is blue, try changing the color to 4.

Link to comment
Share on other sites

4095 is not a vlan, that makes the vswitch a trunk. So what setup do you have on your physical switch?

Here I run vlans on one of my vswitches.

post-14624-0-37675300-1432224268.png

So here you can see the setup on the interface on the switch connected to that specific physical interface on the esxi host, and then another interface that goes to my AP where my wireless guest vlan is.

Here is where I set up vlans on my router (pfsense) that is also a VM; you can see it listed there on that vswitch, pf22.

post-14624-0-08967900-1432224558.png

Love to help, but like sc302 has mentioned, without some details of your setup it's really hard to point to where you're going wrong. Why don't you just not run any vlans and get it working just on the network, and then you can play with moving stuff to vlans.

Link to comment
Share on other sites

The point is, each will work, when the other one is not on. It isn't a conflict, or anything to do with the setup. I can either have the adapter on a VLAN or not, and it works either way.

post-16164-0-80178200-1432284169.png

post-16164-0-48501200-1432284184.png

post-16164-0-56884300-1432284185.png

post-16164-0-74265400-1432284186.png

Link to comment
Share on other sites

Why and the F would you have your vmkern port group with 4095?

Dude, let's forget the vlans for 2 seconds. Your 2 machines are on the same network, so why do you think you need 4095 on your vswitch if both machines are on the same network 192.168.11.0/24?

And yet no information about your switch port configurations, and now we find you have 2 physical nics on the vswitch that you're sharing with your vmkern.

Let's start with basics. Why don't you create a new switch with 1 physical nic, don't set 4095 and fire up 2 VMs. Can they talk to each other, can they talk to your physical network?

How about something like this

post-14624-0-59181800-1432382143.png

See how all those VMs are on the same network 192.168.9.0/24, which is the same as my vmkern network. I broke out vmkern because when it shares the same physical nic it's a performance hit when moving stuff to and from the datastores.

Remove one of those nics from your vswitch. Remove the 4095; the port on the switch would just be access. Can you talk to your devices? Can they talk to each other?

Link to comment
Share on other sites

Ok, done. I also removed the VLAN tag from windows.

Both can ping each other.

From my PC, I can ping 192.168.11.4 but not 192.168.11.5.

Same as before.

post-16164-0-39622500-1432635378.png

Link to comment
Share on other sites

Dude, your vmkern is on 192.168.11.15, you cannot have a machine using that IP.

vmkern is your access to esxi, use .13 and .14 for your machines.

Why would you break out your machines to 2 different vswitches and phy interfaces when they are on the same network?

Your vmkern port group by itself. It can be .15

Then your 2 VMs on the same vswitch0 with .13 and .14. You'll notice I have nothing on my vmkern vswitch0 other than the vmkern.

Link to comment
Share on other sites

Shows right here your vmkern is .15

post-14624-0-89949900-1432638086.png

See how mine is 9.40 and then an ipv6 address. Yours is clearly 192.168.11.15

Oh, you're on .4 and .5 ;) I was reading that as .15 --- dude, put your VMs on the same vswitch. Why are you still sharing a port group with vmkern?

Link to comment
Share on other sites

So you still cannot ping them?

What are their macs?

post-14624-0-47011100-1432638275.png

What is security on the port group?

post-14624-0-30358200-1432638352.png

So ping the IPs .4 and .5 from the physical network, and what is the mac you show via arp -a? And you're also on the 192.168.11.0/24?

post-14624-0-05129400-1432638500.png

You don't happen to have port security enabled on your physical switch? Also validate the mac address you're seeing when you ping them. Or do you not even get a mac in the arp table for the one that will not ping?

Link to comment
Share on other sites

So let's see the macs from your physical side, maybe you have a dupe? And what is the configuration of the switch port that nic is plugged into - you don't have port security enabled on it?

http://packetlife.net/blog/2010/may/3/port-security/

Did you ever show or say what physical switch this was connected to?

Link to comment
Share on other sites

Well there you go - you cannot have more than 1 mac on a port if you have port security enabled!! ;)

And you have 2 machines on 1 physical switch port, your 2 VMs. Turn port security off or up the mac count on it to account for the number of VMs you will have on that port.

Is this a workplace? Do you have problems with users swapping in their own devices? Or putting in switches? Not sure why you would have port security enabled in a home setup.


sg300#sho ports security detailed
Port        status      Learning     Action     Maximum   Trap     Frequency
---------  ---------  ------------ ----------- --------- --------  ----------
gi1        Disabled       Lock              -        1          -          -
gi2        Disabled       Lock              -        1          -          -
gi3        Disabled       Lock              -        1          -          -
gi4        Disabled       Lock              -        1          -          -
gi5        Disabled       Lock              -        1          -          -
gi6        Disabled       Lock              -        1          -          -
gi7        Disabled       Lock              -        1          -          -
gi8        Disabled       Lock              -        1          -          -
gi9        Disabled       Lock              -        1          -          -
gi10       Disabled       Lock              -        1          -          -
Po1        Disabled       Lock              -        1          -          -
Po2        Disabled       Lock              -        1          -          -
Po3        Disabled       Lock              -        1          -          -
Po4        Disabled       Lock              -        1          -          -
Po5        Disabled       Lock              -        1          -          -
Po6        Disabled       Lock              -        1          -          -
Po7        Disabled       Lock              -        1          -          -
Po8        Disabled       Lock              -        1          -          -

Link to comment
Share on other sites
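The check suggested in the post above (port security Maximum versus the number of MACs behind the port), as an added example that is not part of the original thread. It parses a table in the column layout of the quoted `sho ports security detailed` output; the Enabled rows in the sample and the `EXPECTED_MACS` inventory are constructed for illustration.

```python
# Constructed sample in the column layout of the output quoted in the thread.
# The gi11/gi12 rows and their values are invented, not taken from a device.
SAMPLE = """\
sg300#sho ports security detailed
Port        status      Learning     Action     Maximum   Trap     Frequency
---------  ---------  ------------ ----------- --------- --------  ----------
gi1        Disabled       Lock              -        1          -          -
gi11       Enabled        Lock        Discard        1          -          -
gi12       Enabled        Lock        Discard        8          -          -
"""

# Hypothetical inventory: switch port -> MAC addresses expected behind it
# (one per VM vNIC plus one per vmkernel interface sharing that uplink).
EXPECTED_MACS = {"gi1": 3, "gi11": 3, "gi12": 3}


def parse_port_security(text):
    """Return {port: {"enabled": bool, "maximum": int}} from the table."""
    ports = {}
    for line in text.splitlines():
        fields = line.split()
        # Data rows have exactly 7 columns with a numeric Maximum; this skips
        # the prompt line, the header, the dashed rule and blank lines.
        if len(fields) != 7 or not fields[4].isdigit():
            continue
        port, status, _learning, _action, maximum, _trap, _freq = fields
        ports[port] = {
            "enabled": status.lower() == "enabled",
            "maximum": int(maximum),
        }
    return ports


def undersized_ports(text, expected):
    """List (port, maximum, needed) where security is on and maximum < needed."""
    findings = []
    for port, cfg in parse_port_security(text).items():
        need = expected.get(port, 1)  # unknown ports: assume a single host
        if cfg["enabled"] and cfg["maximum"] < need:
            findings.append((port, cfg["maximum"], need))
    return findings


if __name__ == "__main__":
    for port, maximum, need in undersized_ports(SAMPLE, EXPECTED_MACS):
        print(f"{port}: port security allows {maximum} MAC(s), {need} expected")
```

A port flagged here is one where frames from the second and later source MACs would be dropped, which matches the "only one VM works at a time" symptom described in the thread.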

Dude, just turn it OFF. So from the physical side you see the macs for your 2 devices? Look at the violations you have on 11 and 12, WTF dude, why do you have it on? Which port are the VMs currently connected to? Looks like vmnic0

If you enabled cdp in esxi you can validate the switch port


---------------------------------------------
Device-ID: esxi.local.lan
Advertisement version: 2
Platform: VMware ESX
Capabilities: Switch
Interface: gi2, Port ID (outgoing port): vmnic2
Holdtime: 169
Version: Releasebuild-2715440
Duplex: full
MTU: 1500
SysName: esxi.local.lan
SysObjectID: 0.0
Addresses:
          IP 0.0.0.0
---------------------------------------------

Or there is a bit of a hack to get lldp working on esxi non-distributed switches ;) Oh shoot, it must have got turned off in the last patch, have to re-enable it ;)

edit: Let's see the MACs from your physical switch - are you sure you turned it off on the correct port that nic is plugged into? This is really click click it works. On your switch validate that you see those macs, etc.

post-14624-0-33834100-1432642607.png


Link to comment
Share on other sites
