none
Server2016 Cluster network traffic coming from host ip rather than role ip RRS feed

  • Question

  • Hello

    I have two 2016 vm's in a hyper-v environment that are clustered. Each VM is on a separate physical host.

    Each VM only has 1 nic. My clusters ip's are as follows:

    172.18.1.113 ProductionIP - Role IP
    172.18.1.114 Cluster IP
    172.18.1.115 VM Host A
    172.18.1.116 VM Host B

    I've added the Role IP address (172.18.1.113) to an ipsec tunnel on my firewall, but my firewall see's the traffic as coming from either of the 2 host ip addresses (.115 or .116).  If I ping the remote end of the ipsec tunnels host from the either host A or B and source it as the .113 the ping works, but by default it always takes host ip and fails. 

    How do I get the clusters nodes to always send traffic out of the role ip no matter which node is active? 

    Thanks

    Dan

    Thursday, August 22, 2019 4:53 PM

All replies

  • Hi ,

    >>If I ping the remote end of the ipsec tunnels host from the either host A or B and source it as the .113 the ping works, but by default it always takes host ip and fails. 

    Where is the remote end of the ipsec tunnels host ?

    Did you configure some rules or settings in firewall that might cause ICMP packet lost from host A/B to remote end of the ipsec tunnels host?

    Best Regards,

    Candy


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com   

    Friday, August 23, 2019 8:39 AM
  • The remote end is with another company. No firewall enabled.
    Friday, August 23, 2019 4:31 PM
  • Hi ,

    Based on the specific situation, we need do more researches. If we have any updates or any thoughts about this issue, we will keep you posted as soon as possible. Your kind understanding is appreciated. If you have further information during this period, you could post it on the forum, which help us understand and analyze this issue comprehensively.

    Sorry for the inconvenience and thank you for your understanding and patience.

    Best Regards,

    Candy


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com   

    Monday, August 26, 2019 6:32 AM
  • I paid for a support call and confirmed with the networking team that microsoft clustering is only designed one way. Meaning traffic coming in from outside can go to a cluster and you can not have the nodes go outbound on a single ip or nic. =/
    Wednesday, September 4, 2019 6:23 PM
  • Hi ,

    Thanks for your posting here and sharing the resolution! It would be helpful to anyone who encounters similar issues.

    If there is anything else we can do for you, please feel free to post in the forum.

    Best Regards,

    Candy



    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com   


    Thursday, September 5, 2019 1:41 AM