Forum Discussion
Jason_Hardy_476
Jul 13, 2010
Unable to connect to external service after vmotion
We are trying to implement our first LTM in a production environment and are seeing strange behavior after we vMotion a host. We're left scratching our heads. This is complicated, so I'll give you some background first. Here's the setup:
- Several ESXi hosts exist in our VMware cluster. Our VMs are running RHEL 5 and each runs a Big Brother/Xymon client to report on system activity.
- The Big Brother/Xymon server, not a VM and on the External VLAN, listens for client connections on tcp/1984.
- The client machines are set up on the Internal VLAN with an SNAT address on the External VLAN.
When VM clients are first set up, communication to the Big Brother/Xymon server works flawlessly. When we vMotion a VM we see very odd behavior:
- Traffic to the server on tcp/1984 never reaches the F5. There is no entry in the tcpdump output on the F5 for this traffic. A connection attempt, however, is shown on the client with no response.
- Communication to ports other than tcp/1984 on the External VLAN works just fine. Traffic patterns appear normal on the client, F5, and server.
We've run tcpdump on the F5, client, and server simultaneously under several different scenarios. We're able to successfully reach the External VLAN, no matter which ESXi host the VM resides on, using services other than tcp/1984.
We're left wondering if this is an issue on the VMware side or the F5 side. Has anyone else seen this behavior?
The "91-subnet" is our Internal VLAN. Hosts on the Internal VLAN are configured to use xx.yy.91.12 as their default router.
The "57-subnet" is our External VLAN. The Big Brother/Xymon server resides on this network.
self xx.yy.57.143 {
   netmask 255.255.255.0
   unit 1
   floating enable
   vlan external
   allow default
}
self xx.yy.91.12 {
   netmask 255.255.255.128
   unit 1
   floating enable
   vlan internal
   allow default
}
route default inet {
   gateway xx.yy.57.251
}
node xx.yy.91.17 {
   screen rhel5host
}
snat snat_rhel5host {
   translation xx.yy.57.170
   origins xx.yy.91.17
   vlans internal enable
}