VMware two vSwitches Guests can’t communicate between them

bridgevmware-esxivmware-vspherevswitch

I have some servers in this configuration:

Diagram of VMWare ESXi Network Configuration

(complete configuration)
enter image description here

And I am not able, from VMGuest1, to ping either VMGuest3 or VMGuest4. I can, however, ping Host1 and Host2, which are attached to pSwitch1. The behavior is the same with VMGuest3 or 4 trying to ping VMGuest 1 or 2.

I don't have promiscuity enabled for any of these switches, nor do I have a bridge set up inside ESXi for the virtual switches. I know that one of these options is usually necessary when trying to get connectivity between two virtual switches. These switches are connected, however, through their respective physical switches which are bridged together.

Ping just times out, arp request looks like this:
[root@vmguest1:~]# arp -a vmguest3 vmguest3.example.com (1.2.3.4) at <incomplete> on eth0 [root@vmguest1:~]# arp -a host1 host1.example.com (1.2.3.5) at 00:0C:64:97:1C:FF [ether] on eth0

VMGuest1 can reach hosts on pSwitch1, so why can't it get to hosts on vSwitch1 through pSwitch1 the same way?

Best Answer

Bonding your NIC connections inside of a virtual machine is akin to using software RAID inside of a VMware guest. You can do it, but it's not a reasonable method of protection for a VMware system.

Are you using managed switches?

I'd recommend simplifying your solution:

Place your VMs on the same vSwitch if they need to communicate with each other.
The uplinks from the vSwitch can go to one or more physical switches.
Ideally you can set up a stack between the physical switches, with vSwitch uplinks to each, but even a resilient bond between the physical switches (2 x 1GbE) will do the job.

That's really it... Is there something wrong with a configuration like:

enter image description here

or the more complex design described at: vSwitch configuration with 12 uplinks

Related Solutions

Layer 2 bridged networking issue with QEmu

The solution to this problem was to enable promiscuous mode on the VMware ESX virtual switch as described here. The physical switch and Ubuntu network interfaces were both setup correctly, but VMware was preventing the incoming traffic from ever making it to the eth1 interface.

How to capture arp table when using network bridging

You won't get the IP address this way, but you can see which MACs the bridge has learned:

# brctl showmacs br0
port no mac addr                is local?       ageing timer
  1     00:16:3e:aa:bb:cc       no                 3.02
  1     00:16:3e:ab:bb:cc       no                30.37
  1     00:16:3e:ac:bb:cc       no                90.66
  2     fe:ff:ff:ff:ff:ff       yes                0.00

Note the port column, this tells you on which interface (port) the packet entered the bridge. If unclear which one is which, run brctl show.

If you need the IP address too, you'd have to assign a network address to the bridge and initiate a ping scan:

ip addr add X.X.X.X/yy dev br0
nmap -T5 -sP X.X.X.Z/yy
arp -a
ip addr del X.X.X.X/yy dev br0

Best Answer

Related Solutions

Layer 2 bridged networking issue with QEmu

How to capture arp table when using network bridging

Related Topic