Mac address shows sometimes on FIs but stopped showing on N5Ks

Luke Akpor · ‎04-05-2013

Hi All,

I am getting so confused here and any help will be much appreciated.

Last night I was able to ping my VM-2 machine successfully (192.168.60.102) which resides in blade 2 of chassis 1 but unable to ping the VM-1 Machine (192.168.60.101) in blade 1 of chassis 1 even when both service profile are binded to a service template which binds to a vNIC updating template as well.

So I tried to create a new vNIC template for Fabric A and Fabric B with failover enabled and now I can’t ping any of the VM machines. I reverted the changes but still no joy.

What I find now is I can sometimes see the mac address of the VM-2 on the FIs but can’t see it on the N5Ks.

By the way, I have VLAN 10 tagged on the VM and VLAN 10 and Vlan 1 allowed on the trunks between the FIs and N5Ks upstream switches

Any assistance will be much appreciated.

Thanks

Robert Burns · ‎04-05-2013

Luke,

Let's get a few more details about your setup.

1. Which hypervisor switch are you using? (vSwitch, vDS or 1000v)?

2. How are the FI's connected to the N5K's (give a simple topology, mutiple links, port channels etc)

3. Where is your source machine you're trying to ping from?

What I would suggest is this. On the N5Ks, create an SVI (switch virtual interface) on each VLAN your VMs reside in. When testing your connectivity, I want you you initiate a ping from your VMs to your N5K SVI. If that works, then try from your workstation to the VMs. If that doens't work, then we have a simple L2 problem somewhere (likely VLAN tagging related).

The next thing we'd want to check is the Mac table on the FI's. Drop into the NXOS CLI of your FI-A and FI-B and do a "show mac address | include xxxx" where x matches your VMs MAC address pattern. Verify if the MAC address shows up, and which VLAN it appears on. Assuming it appears on the FI's, we just have to ensure the pinning of the Hypervisor's vNIC is pinned to an appropriate uplink. You can verify this by "show pinning server-interface" on the UCSM CLI. You can get your vEth # from the UCSM Gui, by expanding your server's vNICs in the equipment tab.

If you're not seeing the MAC Address on the FI's, or it's showing up in the wrong VLAN, we'll want to check that next.

Keeping note of the vEth #s of your blades vNICs, connect to the UCS CLI, drop into the NXOS context and look at "show int trunk". Ensure you see all the required VLANs on your Hypervisor's vNICs allowed.

From the symptoms it sounds like you either have a VLAN tagging, or Native VLAN issue on your blades vNICs. Keep an eye on your templates to ensure they're correct.

Let me know what you find from the instructions above.

Regards,

Robert

Luke Akpor · ‎04-07-2013

Thanks Robert,

For some reasons I missed you response. Anyway, I had a TAC case raised and following trobleshooting with TAC, there is a known issue with duplicate mac address with vMware which was causing the issue I had.

Once the vmknic was deleted using the ESXi Shell and re-created, the mac address changed from the Cisco range I had of 00:25:B5 to 00:50:56 which belongs to vMware.

After this changed the issue was resolved.

Here is the link to the vMware known issue incase it helps someone else.

http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=1031111&sliceId=1&docTypeID=DT_KB_1_1&dialogID=770362736&stateId=1%200%20770392599

Thanks for your response.