Re: Unpingable VLAN interface (830 Views)
Reply
Occasional Visitor
clarkimusprime
Posts: 2
Registered: ‎02-15-2012
Message 1 of 8 (890 Views)

Unpingable VLAN interface

Hopefully someone can help provide direction.  I have a pair of A5820s in an IRF group and a pair of A5800s in a second IRF group.  The groups are connected with a LAG which permits all VLANs.  There are mutliple VLANs configured, but I will focus on one of them for troubleshooting.  I have 3 ESXi servers each with 2 10GB connections to the switches.  The ports are configured as trunk ports with appropriate VLANs permitted.

On the ESXi servers, there is a distributed virtual switch with 3 port groups - 1 per VLAN. vmkernel interfaces for each traffic type are created and are in each port group with an IP assigned.  My question/symptoms are this:

  • VLAN 1 on the first IRF group (10GB) has an ip address of 10.0.2.211.
  • VLAN 1 on the second IRF group (1GB) has an ip address of 10.0.2.213.
  • The ESXi servers have a port group for management on a virtual switch.  This port group specifies VLAN 1.
  • The vmkernel nic of the first server for management has an ip address of 10.0.2.215; .216 and .217 for the other two.
  • From the first host, I can ping the other management IPs (.216 and .217).  I can also ping the VLAN interface for VLAN 1 on the remote IRF group (.213).  I can not ping the VLAN interface for VLAN 1 on my locally-connected IRF group (.211).

Relevant config sections on the first IRF switch group below:

interface Vlan-interface1
ip address 10.0.2.211 255.0.0.0

interface Ten-GigabitEthernet1/0/3
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 102 106 202
port trunk pvid vlan 4094
#
interface Ten-GigabitEthernet1/0/4
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 102 106 202
port trunk pvid vlan 4094
#
interface Ten-GigabitEthernet1/0/5
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 102 106 202
port trunk pvid vlan 4094

interface Ten-GigabitEthernet2/0/3
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 102 106 202
port trunk pvid vlan 4094
#
interface Ten-GigabitEthernet2/0/4
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 102 106 202
port trunk pvid vlan 4094
#
interface Ten-GigabitEthernet2/0/5
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 102 106 202
port trunk pvid vlan 4094

 

Any insight on why I can not ping the VLAN interface(s) of my locally connected VLANs?

Regular Advisor
John Gelten
Posts: 70
Registered: ‎09-08-2010
Message 2 of 8 (880 Views)

Re: Unpingable VLAN interface

The ESXi hosts are connected to both switch-pairs I assume, if so - are all links actively used by the portgroups ?

Are the VLANs tagged on the links to the servers, if so - I could imagine the fact you are using PVID 4094 on the link between the switches might be important.

No VRRP or anything in your config ?

Can you ping between both switches, and from both switches to the ESXi-hosts ?

Is there an ARP entry in the ESXi-hosts for the unpingable switch after you tried to ping ?

 

All questions and no answers yet, I am afraid... 

;-)

 

Occasional Contributor
regnander
Posts: 3
Registered: ‎09-28-2011
Message 3 of 8 (869 Views)

Re: Unpingable VLAN interface

Hi,

 

I have a similar issue.

 

When moving an IP adress to a VLAN interface from a route port i cannot ping the interface.

 

Anything else in the same subnet is reachable.

http://h30499.www3.hp.com/t5/A-Series/A5500-VLAN-interface-config-issue/td-p/5558501

 

//regnander

Respected Contributor
Michael A. McKenney
Posts: 818
Registered: ‎06-08-2009
Message 4 of 8 (859 Views)

Re: Unpingable VLAN interface

Do you have that port tagged for that VLAN?

Regular Advisor
L1nklight
Posts: 158
Registered: ‎01-30-2012
Message 5 of 8 (851 Views)

Re: Unpingable VLAN interface

I am a newbie to the A-Series switches (well, to be honest HP switches in general) but could it have something to do with the fact that you are using VLAN 1? Do HP switches reserve VLAN 1 for a special purpose as the default vlan?

 

 

Respected Contributor
Michael A. McKenney
Posts: 818
Registered: ‎06-08-2009
Message 6 of 8 (840 Views)

Re: Unpingable VLAN interface

Do you have the ACL list configured to allow pings from VLAN to VLAN. 

Occasional Visitor
clarkimusprime
Posts: 2
Registered: ‎02-15-2012
Message 7 of 8 (835 Views)

Re: Unpingable VLAN interface

By default, are ACLs configured to block?  If so, are these drops logged anywhere?  Interestingly, on the VMware side if I open tcpdump sessions on two hosts and attempt to ping from one to the other, I see the arp requests leave the first server, but never make it to the second.

Respected Contributor
Michael A. McKenney
Posts: 818
Registered: ‎06-08-2009
Message 8 of 8 (830 Views)

Re: Unpingable VLAN interface

Don't you need a port trunk permit vlan 1 to vlan 2 command to allow traffic between vlans.

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.