Unable to ping between devices on VLAN

Status
Not open for further replies.
C

Charles Hurst

Dabbler
Joined
Mar 3, 2015
Messages
15
Hey,

So I've setup FreeNAS (networking and ISCSI).

I have a strange problem whereby my XenServer (192.168.10.222) and FreeNAS (192.168.10.221) are unable to ping each other both on VLAN10.

I have moved my desktop machine to this VLAN and placed in the IP range 192.168.10.200 and I can ping both devices and they can ping my machine. I just cant understand why they cannot speak to each other.

I had the same issue with OpenFiler but I thought it was OF being rubbish so I installed FreeNAS to see if this works however it does the same thing.

I don't even know where to start with troubleshooting this, any ideas?

The fact that they both cannot ping each other is throwing me off as normally I would expect one way to work and the other to not which would lead me to which side has the trouble.

Thanks,

Charles
 
jgreco

jgreco

Resident Grinch
Joined
May 29, 2011
Messages
18,680
Why would you only be able to ping one way? That still involves round trip communication. A puzzling thing to expect to see.

Are you using vlan tagging and configuring the FreeNAS and Xen hosts to do the tagging, or is your switch mapping vlan10 to untagged ports on each host?

What are you seeing with tcpdump on each host?

Have you dropped any firewalling that might be active on the Xen host?

What sort of switchgear are you using? (Signs vaguely point towards switch misconfiguration)
 
C

Charles Hurst

Dabbler
Joined
Mar 3, 2015
Messages
15
I would expect with firewall to see the outbound ping working but inbound to be dropped as the firewall is not allowing the ICMP traffic.

The VLAN ports are all tagged on 802.1Q VLAN ID 10 (including my machine at the minute). The XenServer and FreeNAS both have a VLAN 10 setup to the corresponding ports. I'm using a Layer 3 smart TP-LINK switch think the model is TL-SG1024DE from memory, unable to get to web interface on this VLAN :)

Thanks for the tcpdump hint I haven't used this tool for some time, forgot all about it, damn sight easier than installing wireshark. I will play with tcpdump and try to diagnose although first signs point to XenServer already as its erroring on tcpdump as IPv4 not assigned.
 
jgreco

jgreco

Resident Grinch
Joined
May 29, 2011
Messages
18,680
Charles Hurst said:
I would expect with firewall to see the outbound ping working but inbound to be dropped as the firewall is not allowing the ICMP traffic.
Click to expand...

That would imply something more complex, such as a stateful firewall, since a firewall that doesn't allow ICMP will not allow ping to work. It is not a good idea to introduce additional complications such as firewalls into the process of constructing a network before the basic network is functional and tested ("don't try to run before you can walk").

The VLAN ports are all tagged on 802.1Q VLAN ID 10 (including my machine at the minute). The XenServer and FreeNAS both have a VLAN 10 setup to the corresponding ports. I'm using a Layer 3 smart TP-LINK switch think the model is TL-SG1024DE from memory, unable to get to web interface on this VLAN :)
Click to expand...

The general symptoms suggest a switch misconfiguration. I'd look carefully to see if the ports are tagged as private vlan ports (maybe called "port isolation") which is a common setting used to prevent machines on a vlan (maybe a DMZ or ISP hosting environment) from seeing each other, but being able to coexist in the broadcast domain. It would completely explain the symptoms if your two ports were marked as private vlan but your PC had been plugged into a general vlan port. This is, of course, just one of several possibilities, but it is the one I'd look for first.

Thanks for the tcpdump hint I haven't used this tool for some time, forgot all about it, damn sight easier than installing wireshark. I will play with tcpdump and try to diagnose although first signs point to XenServer already as its erroring on tcpdump as IPv4 not assigned.
Click to expand...

You will have to aim tcpdump at the specific subinterface (probably something like eth0:10), as tcpdump will tend to pick whatever appears to be a primary ethernet interface. Since that's probably eth0 for you, then the error is actually rather promising as it means you've got no IPv4 assigned to the primary interface, which is the correct way to configure an ethernet interface that has subinterfaces.
 
C

Charles Hurst

Dabbler
Joined
Mar 3, 2015
Messages
15
Sorry jgreco its me being a d*ckhead, I tagged the port not untagged on my switch, set them all as untagged and now its working!
 
Status
Not open for further replies.

Important Announcement for the TrueNAS Community.

The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums.

Related topics on forums.truenas.com for thread: "Unable to ping between devices on VLAN"

Similar threads

T
  • Locked
LAGG + VLAN isolates FreeNAS from iohyve VM
Replies
7
Views
3K
mav@
M
typoknig
  • Locked
Unable to ping
Replies
7
Views
17K
typoknig
typoknig
E
  • Locked
SOLVED unable to ping google (but able to ping other external addresses)
Replies
6
Views
5K
EJOLA
E
TwittyFlash
  • Locked
FreeNAS cannot ping through CISCO switch
Replies
12
Views
2K
Jaesii
J
M
  • Locked
SSH on a vlan
Replies
5
Views
1K
jgreco
jgreco
Top