10-09-2025 08:19 PM
Hello everyone,
I found a situation where it looks like we may have some configuration issues on our Nexus switches, so I wanted to see where the root cause is. Can anyone give me some directions on what to check?
I have a vendor who set up some servers in VLAN 20. There are two servers, 10.20.1.1 and 10.20.1.2, that form a cluster, which is also configured with one virtual IP, 10.20.1.100, for the cluster. According to the vendor, their servers are Linux-based.
The Nexus switches are configured with some other VLANs too. Because VLAN 20 is mission-critical to us, ACLs are applied (ip access-group ACL_Name in).
Now, I found some issues. When I tried to ping 10.20.1.1 and 10.20.1.2, they worked fine. These two servers have web access enabled, and I can ping them and access the web interfaces.
However, I noticed that among the many VLANs on our Nexus switches, one specific VLAN (VLAN 10), with our corporate servers like Active Directory (e.g. 10.10.1.1), is not able to ping or reach the web interface of the virtual IP (10.20.1.100). But if I ping or browse to the physical servers' IPs, it all works fine. Only this virtual IP is NOT accessible.
To compare, I have another user PC VLAN, VLAN 50 (10.50.1.0/24), and it works perfectly fine, meaning I can ping and reach the web interface on all the IPs.
To summarize,
[host 10.10.1.1] ping 10.20.1.1 - OK
[host 10.10.1.1] ping 10.20.1.2 - OK
[host 10.10.1.1] ping 10.20.1.100 - Timeout
[host 10.50.1.1] ping 10.20.1.1 - OK
[host 10.50.1.1] ping 10.20.1.2 - OK
[host 10.50.1.1] ping 10.20.1.100 - OK
I tried tracert on the server:
from [host 10.10.1.1] to [10.20.1.1], it first goes to 10.10.1.253 (the VLAN10 gateway), then 10.20.1.1
from [host 10.10.1.1] to [10.20.1.2], it first goes to 10.10.1.253 (the VLAN10 gateway), then 10.20.1.2
from [host 10.10.1.1] to [10.20.1.100], it first goes to 10.10.1.253 (the VLAN10 gateway), then timeout...
from [host 10.50.1.1] to [10.20.1.1], it first goes to 10.50.1.253 (the VLAN50 gateway), then 10.20.1.1
from [host 10.50.1.1] to [10.20.1.2], it first goes to 10.50.1.253 (the VLAN50 gateway), then 10.20.1.2
from [host 10.50.1.1] to [10.20.1.100], it first goes to 10.50.1.253 (the VLAN50 gateway), then 10.20.1.100
I did a similar test from the Nexus switch:
ping 10.20.1.1 source-interface vlan10 - OK
ping 10.20.1.2 source-interface vlan10 - OK
ping 10.20.1.100 source-interface vlan10 - timeout
ping 10.20.1.1 source-interface vlan50 - OK
ping 10.20.1.2 source-interface vlan50 - OK
ping 10.20.1.100 source-interface vlan50 - OK
The vendor also did some testing from the servers 10.20.1.1 and 10.20.1.2 to access / ping the outside, and it works fine. Now I cannot confirm whether the problem is on the network side or in the vendor's configuration of their systems. I don't have any access to these Linux machines.
Thanks for reading and thanks in advance for your help.
Regards,
Timothy
10-10-2025 04:59 AM
Hello,
Can you provide some configuration? You mention an ACL; can you provide that config as well as the routing table entries for the Nexus devices?
-David