none
Hyper-v 2016 nothing can access the VMs, but VMs can access everything except other VMs. RRS feed

  • Question

  • This is a new one for me.  I have lots of hours on Hyper-V 2008 R2 and 2012 R2.  I have lots of hours on fail over clusters with HPE Proliant DL380 GenX servers with MSA storage.  I am aware of the Broadcom driver bug that requires disabling VMQ.  I built a new Windows 2016 Hyper-V fail over cluster on HPE Proliant DL380 Gen9 servers and MSA storage.  Everything working perfectly, except networking.

    The VMs on the cluster CAN obtain DHCP addresses form a server elsewhere on the network (or I can set them statically - it doesn't matter how the VMs are addressed) and they also CAN access the corporate network AND the internet as expected.  But nothing can access the VMs, cannot access shares, cannot RDP, cannot ping.  Also, none of the VMs can access other VMs on the same cluster and exhibit the same behavior.

    Just so you can grasp the strangeness of this, imagine virtual servers VM1 and VM2 on the cluster, and NONVM1 outside the cluster.  VM1 can access NONVM1, shares, RDP, ping, etc, as expected.  But, even though NONVM1 knows VM1 exists due to DNS resolution only, it cannot access it at all, no shares, no RDP, no ping.  Also, VM1 CANNOT access VM2 on the same cluster and vice versa.

    All drivers and firmware are up to date. I have tried and assumed it was VMQ settings, but this does not appear to be the cause.  The Cluster Validation runs and passes everything.

    I'm at a total loss to explain this one.

    Any ideas, and thank you in advance.

    Here is the configuration of one of the hosts, the other is the same.  I am not using the LOM interfaces, but configured a team anyway following someones recommendations that did not help.  The LOMs are disconnected.:


    PS C:\Windows\system32> Get-NetAdapter

    Name                      InterfaceDescription                    ifIndex Status       MacAddress             LinkSpeed
    ----                      --------------------                    ------- ------       ----------             ---------
    vSwitch                   Microsoft Network Adapter Multiple...#2      10 Up           94-18-82-00-E0-51         3 Gbps
    Management                Microsoft Network Adapter Multiplexo...       6 Disconnected EC-B1-D7-B2-E4-F8          0 bps
    Embedded FlexibleLOM ...1 HPE FlexFabric 10Gb 2-port 533FLR-...#2      16 Disconnected EC-B1-D7-B2-E4-F8          0 bps
    vEthernet (vSwitch)       Hyper-V Virtual Ethernet Adapter             19 Up           94-18-82-00-E0-51         1 Gbps
    Embedded FlexibleLOM ...2 HPE FlexFabric 10Gb 2-port 533FLR-T ...       3 Disconnected EC-B1-D7-B2-E4-FC          0 bps
    Heartbeat                 HPE Ethernet 1Gb 4-port 331i Adapter #2       4 Up           94-18-82-00-E0-53         1 Gbps
    LAN3                      HPE Ethernet 1Gb 4-port 331i Adapter #4      14 Up           94-18-82-00-E0-52         1 Gbps
    LAN2                      HPE Ethernet 1Gb 4-port 331i Adapter          2 Up           94-18-82-00-E0-51         1 Gbps
    LAN1                      HPE Ethernet 1Gb 4-port 331i Adapter #3       5 Up           94-18-82-00-E0-50         1 Gbps


    PS C:\Windows\system32> Get-NetLbfoTeam


    Name                   : vSwitch
    Members                : {LAN2, LAN1, LAN3}
    TeamNics               : vSwitch
    TeamingMode            : SwitchIndependent
    LoadBalancingAlgorithm : Dynamic
    Status                 : Up

    Name                   : Management
    Members                : {Embedded FlexibleLOM 1 Port 2, Embedded FlexibleLOM 1 Port 1}
    TeamNics               : Management
    TeamingMode            : SwitchIndependent
    LoadBalancingAlgorithm : Dynamic
    Status                 : Down



    PS C:\Windows\system32> Get-VMSwitch

    Name    SwitchType NetAdapterInterfaceDescription
    ----    ---------- ------------------------------
    vSwitch External   Microsoft Network Adapter Multiplexor Driver #2


    PS C:\Windows\system32> Get-VM | FL


    Name             : xxxx
    State            : Running
    CpuUsage         : 0
    MemoryAssigned   : 8401190912
    MemoryDemand     : 923795456
    MemoryStatus     :
    Uptime           : 00:45:45.3270000
    Status           : Operating normally
    ReplicationState : Disabled
    Generation       : 2

    Name             : xxxx
    State            : Running
    CpuUsage         : 0
    MemoryAssigned   : 8401190912
    MemoryDemand     : 756023296
    MemoryStatus     :
    Uptime           : 00:45:59.1500000
    Status           : Operating normally
    ReplicationState : Disabled
    Generation       : 2

    Name             : xxxx
    State            : Running
    CpuUsage         : 0
    MemoryAssigned   : 33554432000
    MemoryDemand     : 1342177280
    MemoryStatus     :
    Uptime           : 00:45:04.1890000
    Status           : Operating normally
    ReplicationState : Disabled
    Generation       : 2

    Name             : xxxx
    State            : Running
    CpuUsage         : 0
    MemoryAssigned   : 4294967296
    MemoryDemand     : 729808896
    MemoryStatus     :
    Uptime           : 00:45:08.3930000
    Status           : Operating normally
    ReplicationState : Disabled
    Generation       : 2

    Name             : xxxx
    State            : Running
    CpuUsage         : 0
    MemoryAssigned   : 33554432000
    MemoryDemand     : 1342177280
    MemoryStatus     :
    Uptime           : 00:45:34.0410000
    Status           : Operating normally
    ReplicationState : Disabled
    Generation       : 2


    Monday, January 22, 2018 3:00 AM

Answers

All replies

  • Hi,

    First thing that came into my mind is firewall. It may be silly but have you checked after disabling the firewall in the VMs? If not give a try

    Second thing, it could be the MTU size difference

    To be frank, I am quite not sure about the exact problem but these two things struck in my mind when reading your post

    Also, Can you change the configuration from Dynamic to Hyper-V and check. That also makes the difference

    https://docs.microsoft.com/en-us/windows-server/networking/technologies/nic-teaming/create-a-new-nic-team-on-a-host-computer-or-vm#bkmk_lb

    Regards,
    Bala

    Monday, January 22, 2018 11:16 AM
  • In this case, it really did end up to be the firewalls, but the confusion was that it was both the Hyper-V host firewalls and each individual vm firewall.  Windows 2016 and 2019 both did not seem to open up the standard exceptions when adding roles like I am accustomed.  I had to edit the firewalls on the host and vms and open each needed service by comparing with another client that was working.  I do not know what caused the Role installation to fail turning on various exceptions, but I did get around this.

    Thanks for your help.

    Friday, June 14, 2019 4:38 PM