Unable to ping 1 server in other vlan.

Joris Deprouw · ‎02-20-2014

Hi All,

We have a strange issue on our network.

We have 4 nexus 7000 switches connected through OTV. The problem however is situated only in the main site. So OTV is not used in this case.

We installed a new virtual server 10.16.3.6 (Server 2) configured in vlan 116. The chassis of this virtual server is connected on a 3750 stack.
From this server we can not ping 10.0.2.34 (Server 1) configured in vlan 10. This server is connected to a fex linked to Nexus 2.

From server 2 we can ping other servers (server 4 and 3) in different vlans.
From Server 1 we can ping other servers (server 4 and 3) in different vlans.

From the core switches, which do inter-vlan routing for both vlans, we can ping both servers with a source in another vlan or in the same vlan.

There is no firewall devices between both vlans.

Does anyone have tip where to start searching for the cause of this problem.

Attached you can find a design of the setup.

Thanks,

Best Regards,
Joris

Core# ping 10.16.3.6
PING 10.16.3.6 (10.16.3.6): 56 data bytes
64 bytes from 10.16.3.6: icmp_seq=0 ttl=253 time=4.911 ms
64 bytes from 10.16.3.6: icmp_seq=1 ttl=253 time=0.627 ms
64 bytes from 10.16.3.6: icmp_seq=2 ttl=253 time=0.775 ms
64 bytes from 10.16.3.6: icmp_seq=3 ttl=253 time=4.463 ms
64 bytes from 10.16.3.6: icmp_seq=4 ttl=253 time=7.663 ms

--- 10.16.3.6 ping statistics ---
5 packets transmitted, 5 packets received, 0.00% packet loss
round-trip min/avg/max = 0.627/3.687/7.663 ms

Core# ping 10.0.2.34
PING 10.0.2.34 (10.0.2.34): 56 data bytes
64 bytes from 10.0.2.34: icmp_seq=0 ttl=253 time=0.822 ms
64 bytes from 10.0.2.34: icmp_seq=1 ttl=253 time=0.574 ms
64 bytes from 10.0.2.34: icmp_seq=2 ttl=253 time=0.548 ms
64 bytes from 10.0.2.34: icmp_seq=3 ttl=253 time=0.487 ms
64 bytes from 10.0.2.34: icmp_seq=4 ttl=253 time=0.52 ms

--- 10.0.2.34 ping statistics ---
5 packets transmitted, 5 packets received, 0.00% packet loss
round-trip min/avg/max = 0.487/0.59/0.822 ms

Christopher Bell · ‎02-20-2014

When you say virtual server, do you mean a VM on a host? If that's the case, have you made sure your port-group for the vSwitch matches your host trunks coming from the switch?

Is it just one host on that particular VLAN that's having the problem? If so, try clearing the arp entry for just that IP on the next hop for that server.

Also, try clearing the dynamic MAC address entry for that server on the vSwitch (if possible) and the upstream physical switch.

If this posts answers your question or is helpful, please consider rating it and/or marking as answered.

Joris Deprouw · ‎02-20-2014

Hi Christopher,

Yes indeed a VM on a host. I have asked to checl the port-group.

I have also cleared the arp and mac address entries.

We'll see what happens.

Best Regards,

Joris

Joris Deprouw · ‎02-21-2014

Hi,

For the moment no improvement. This particular server is still not available for multiple new devices in vlan 116.

Best Regards,

Joris

Christopher Bell · ‎02-21-2014

You mentioned the problem is only at your "main site" but it sounds like each VM is connected to a different N7K right? Are both N7Ks at one site? How are they "connected"? Are there any other servers on VLAN 116 and 10 that have problems communicating with each other? If you can ping each server from the core but not from server to server, then you need to look at the cores. I know very little about OTV but it sounds like a VLAN is missing from one side or the other.

If this posts answers your question or is helpful, please consider rating it and/or marking as answered.

Jazz80813 · ‎02-21-2014

Do you have vlan 116 set across the correct trunks and port channels?