none
Hyper-V NLB VIP unable to ping from some clients RRS feed

  • Question

  • Hi All

    we are developing distribution applications, it's heavy rely on windows NLB to provider load balance function. I deployed 11 NLB instances, all NLB nodes are Hyper-V VM. all VM and V-Host both are running on Windows Server 2012 R2 OS with latest windows patch.

    once all NLB get converged, I find at least two or three NLB VIP cannot ping from some clients, those clients either resides in same V-Host or connect to same TOR switch, even in same VLAN, but those clients can ping other NLB VIP. I also tried on other clients which are not connected to same TOR switch but connected to same core switch, all NLB VIP both are able to ping.

    the typical configuration like this:

    NLB1-node1 -> Host1 -> TOR Switch A -> Core Switch A&B

    NLB1-node2 -> Host2 -> TOR Switch A -> Core Switch A&B

    NLB1-node3 -> Host3 -> TOR Switch A -> Core Switch A&B

    NLB1-node4 -> Host4 -> TOR Switch B -> Core Switch A&B

    NLB1-node5 -> Host5 -> TOR Switch B -> Core Switch A&B

    NLB1-node6 -> Host6 -> TOR Switch B -> Core Switch A&B

    All NLB are Multicast mode, only Enable MAC address Proofing on NLB NIC.

    The others NLB also like this, they are resides on different Hosts and cross TOR Switch.

    Host model is HP ProLiant DL380 Gen9, no NIC teaming enabled. NIC model is HP 331i with four 1GB ports.

    TOR Switch is CISCO Nexus N3048, only L2 enabled.

    Core Switch are two Nexus 7706, L3 enabled. VIP enabled between in two 7706A and 7706B.

    two or three NLB in same VLAN with /27 net mask.

    static ARP entity was added on 7706A & B

    static entity also added into mac-address table on TOR switch with Ports and NLB VLAN ID.

    the worse scenario is NLB1 and NLB2 in same VLAN. three Nodes of NLB1 can ping NLB2 VIP, but the other three nodes of NLB1 cannot ping NLB2 VIP, I even can see arp entity of NLB2 VIP on all NLB1 nodes.

    Does anyone met the same issue? I doubt that's might be a bug either of MS or Cisco, but don't know which patch or hotfix can help?


    • Edited by airjing Wednesday, January 11, 2017 3:50 PM
    Wednesday, January 11, 2017 3:45 PM

All replies

  • Hi All

    we are developing distribution applications, it's heavy rely on windows NLB to provider load balance function. I deployed 11 NLB instances, all NLB nodes are Hyper-V VM. all VM and V-Host both are running on Windows Server 2012 R2 OS with latest windows patch.

    once all NLB get converged, I find at least two or three NLB VIP cannot ping from some clients, those clients either resides in same V-Host or connect to same TOR switch, even in same VLAN, but those clients can ping other NLB VIP. I also tried on other clients which are not connected to same TOR switch but connected to same core switch, all NLB VIP both are able to ping.

    the typical configuration like this:

    NLB1-node1 -> Host1 -> TOR Switch A -> Core Switch A&B

    NLB1-node2 -> Host2 -> TOR Switch A -> Core Switch A&B

    NLB1-node3 -> Host3 -> TOR Switch A -> Core Switch A&B

    NLB1-node4 -> Host4 -> TOR Switch B -> Core Switch A&B

    NLB1-node5 -> Host5 -> TOR Switch B -> Core Switch A&B

    NLB1-node6 -> Host6 -> TOR Switch B -> Core Switch A&B

    All NLB are Multicast mode, only Enable MAC address Proofing on NLB NIC.

    the others NLB also like this, they are resides on different Hosts and cross TOR Switch.

    Host model is HP ProLiant DL380 Gen9, no NIC teaming enabled. NIC model is HP 331i with four 1GB ports.

    TOR Switch is CISCO Nexus N3048, only L2 enabled.

    Core Switch are two Nexus 7706, L3 enabled. VIP enabled between in two 7706A and 7706B.

    two or three NLB in same VLAN with /27 net mask.

    static ARP entity was added on 7706A & B

    static entity also added into mac-address table on TOR switch with Ports and NLB VLAN ID.

    the worse scenario is NLB1 and NLB2 in same VLAN. three Nodes of NLB1 can ping NLB2 VIP, but the other three nodes of NLB1 cannot ping NLB2 VIP, I even can see arp entity of NLB2 VIP on all NLB1 nodes.

    Does anyone met the same issue? I doubt that's might be a bug either of MS or Cisco, but don't know which patch or hotfix can help?


    • Edited by airjing Wednesday, January 11, 2017 3:49 PM
    • Moved by BrianEhMVP Wednesday, January 11, 2017 4:25 PM
    • Merged by Leo HanModerator Thursday, January 12, 2017 1:08 AM duplicated
    Wednesday, January 11, 2017 3:46 PM
  • Hi Airjing,

    >> I find at least two or three NLB VIP cannot ping from some clients,

    Did you mean that some clients could not ping NLB?

    Did issue occur randomly?

    Have you tried to ping node on each nodes?

    Best Regards

    John


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, January 12, 2017 9:36 AM
  • I also found when NLB VIP cannot ping, some VM nodes within this NLB also cannot ping NLB dedicate NIC's gateway.

    I can capture ARP reply package from CISCO switch by mirroring port. But on Hyper-V Host, I only see request ARP package send out, but not reply ARP package income. seems dropped by Hyper-V vSwitch.

    have any idea?

    Wednesday, January 18, 2017 2:06 AM
  • Hi Airjing,

    Please try to follow link below to troubleshoot issue:

    Troubleshooting Network Load Balancing Clusters

    https://technet.microsoft.com/en-us/library/cc732592(v=ws.11).aspx

    Best Regards

    John


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, January 18, 2017 3:02 AM