VM cannot ping outside of its Host

SBrickey23 25 Reputation points
2023-08-03T21:58:06.34+00:00

Hello all,

I've been working on a lab network to test out live migrations.

Host 1:

  • VM 1

Host 2: (Joined to the Domain)

  • VM 2 (Current Domain Controller) (DNS Server)

I have set static IP addresses for all of these devices. However, from each VM I can only ping the Host that the VM is on. I can also ping the VM from the Host. My problem is that I cannot ping the opposite Host or VM from the VM I'm working with.

To make that a little easier to understand, here is an example:
HOST 1 can Ping VM 1 and vice-versa.
HOST 2 can Ping VM 2 and vice-versa.
HOST 2 can Ping HOST 1 and vice-versa.

VM 1 cannot ping HOST 2 or VM 2
VM 2 cannot ping HOST 1 or VM 1

Windows Firewall is completely disabled on all of the computers, Network Discovery is enabled on all computers. Each VM is configured with an external switch in Hyper-V Manager.

VM 2 shows "No Internet" in the taskbar, however it can ping Google.com, ping its Host, and shows the domain name in the ncpa.cpl menu.
Just to note, HOST 1 and VM 1 cannot ping the DNS server or Domain on VM 2.

Any help or suggestions? Thanks!

Windows for business | Windows Client for IT Pros | Storage high availability | Virtualization and Hyper-V
Windows for business | Windows Server | User experience | Other

Accepted answer
  1. Anonymous
    2023-08-04T20:23:10.46+00:00

    The host address has nothing to do with this. Pinging the host also makes no difference as far as the VMs are concerned. Can the VMs reach the router? Might check (on both VMs)

    ping 10.10.10.17
    

    and also

    tracert 8.8.8.8
    

    Another thing to try is recreating the vSwitches. When you create a new external vSwitch, the internet protocols are removed from the adapter and the Hyper-V Extensible Switch protocol is added, turning that physical port into a multi-port virtual switch. Connect your VMs to this vSwitch and use each VM's vEthernet to configure the addressing in the exact same manner as if it were a physical NIC.

    --please don't forget to upvote and Accept as answer if the reply is helpful--

    1 person found this answer helpful.
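
The binding change described in the accepted answer can be checked from each Hyper-V host. The following is an added example, not code from the thread; it assumes an elevated PowerShell session with the Hyper-V module and one physical NIC per external vSwitch (no teaming), and the function name is hypothetical.

```powershell
# Added example: report each vSwitch, the physical NIC behind it, and the
# protocol bindings on that NIC. Run elevated on each Hyper-V host.
function Get-VSwitchBindingReport {
    foreach ($sw in (Get-VMSwitch)) {
        # Only an External switch is backed by a physical adapter.
        $nic = $null
        if ($sw.SwitchType -eq 'External' -and $sw.NetAdapterInterfaceDescription) {
            $nic = Get-NetAdapter -InterfaceDescription $sw.NetAdapterInterfaceDescription `
                                  -ErrorAction SilentlyContinue
        }

        # vms_pp    = Hyper-V Extensible Virtual Switch protocol
        # ms_tcpip  = IPv4, ms_tcpip6 = IPv6
        $bind = @{}
        if ($nic) {
            Get-NetAdapterBinding -Name $nic.Name -ComponentID vms_pp, ms_tcpip, ms_tcpip6 |
                ForEach-Object { $bind[$_.ComponentID] = $_.Enabled }
        }

        # VMs whose virtual NIC is attached to this switch.
        $vms = (Get-VM | Get-VMNetworkAdapter |
                Where-Object SwitchName -eq $sw.Name).VMName -join ', '

        [pscustomobject]@{
            Switch         = $sw.Name
            Type           = $sw.SwitchType      # anything but External cannot reach the LAN
            PhysicalNic    = $nic.Name
            NicStatus      = $nic.Status         # should be Up
            SwitchProtocol = $bind['vms_pp']     # should be True on the physical NIC
            IPv4OnNic      = $bind['ms_tcpip']   # should be False; IP lives on the vEthernet
            IPv6OnNic      = $bind['ms_tcpip6']  # should be False
            ConnectedVMs   = $vms
        }
    }
}

Get-VSwitchBindingReport | Format-Table -AutoSize
```

A switch reported as Internal or Private, or an external switch whose physical NIC is down, would explain a VM that can reach only its own host.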

6 additional answers

  1. Anonymous
    2023-08-03T22:17:55.3366667+00:00

    Make sure the guests on each host are using external vSwitches and that there's a route defined between them.

    And separately I'd check that the domain controller and problem members have the static IP address of the DC listed for DNS and no others such as a router or public DNS.

    Also post the unedited results below

    ipconfig /all > C:\vm1.txt
    ipconfig /all > C:\vm2.txt

    --please don't forget to upvote and Accept as answer if the reply is helpful--


  2. Anonymous
    2023-08-04T13:31:54.5866667+00:00

    Looks like there may be a rogue IPv6 DHCP server (probably a router?) on the network. If IPv6 is used and not configured correctly this will cause no end to grief (especially for domain controllers).

    --please don't forget to upvote and Accept as answer if the reply is helpful--


  3. Anonymous
    2023-08-04T15:29:53.8633333+00:00

    Are the hosts side-by-side or on opposite sides of the earth? Wondering about the route between vSwitches. I'd check that both got the domain network profile. ICMPv4 firewall rule is not enabled by default unless the domain profile is in use.

    When NLA starts to detect the network location, the machine will contact a domain controller via port 389. If this detection is successful, it will get the domain firewall profile (allowing for correct ports) and we cannot change the network location profile.

    If the domain was not found or the process failed, NLA will let you determine which firewall profile will be used, private or public, likely defaulting to Public.

    If problems persist then please run:

    Dcdiag /v /c /d /e /s:%computername% >C:\dcdiag.log (run on PDC emulator)
    repadmin /showrepl >C:\repl.txt (run on any domain controller)
    ipconfig /all > C:\%computername%.txt (run on EVERY domain controller)
    ipconfig /all > C:\problemVM.txt (run on problem VM)

    Also check the domain controller System and Replication (DFS or FRS) event logs for errors since last boot. Post the Event Source and Event IDs of any found. (no evtx files)

    Then put unzipped text files up on OneDrive and share a link.
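
The guest-side checks suggested in answers 1 and 3 (DNS pointing only at the DC, the network profile chosen by NLA, port 389 to the DC, and the ICMPv4 rules) can be collected in one pass. This is an added example, not code from the thread; the function name is hypothetical and `-DcAddress` must be given the domain controller's static IPv4 address, which the page does not state.

```powershell
# Added example: run inside a VM (or on a host) in an elevated PowerShell session.
function Test-GuestDomainNetworking {
    param(
        [Parameter(Mandatory)]
        [string]$DcAddress   # static IPv4 address of the domain controller
    )

    # 1. Network location picked by NLA. Domain members should show DomainAuthenticated.
    $profiles = Get-NetConnectionProfile |
        Select-Object InterfaceAlias, NetworkCategory, IPv4Connectivity
    foreach ($p in $profiles) {
        if ($p.NetworkCategory -ne 'DomainAuthenticated') {
            Write-Warning "$($p.InterfaceAlias): profile is $($p.NetworkCategory)"
        }
    }

    # 2. Can this machine open TCP 389 (LDAP) on the DC? The answer ties NLA's
    #    domain detection to port 389; a TCP connect is used here as the probe.
    $ldap = Test-NetConnection -ComputerName $DcAddress -Port 389 `
                               -WarningAction SilentlyContinue

    # 3. DNS servers other than the DC (loopback is allowed for the DC itself).
    $extraDns = (Get-DnsClientServerAddress -AddressFamily IPv4).ServerAddresses |
        Where-Object { $_ -and $_ -notin @($DcAddress, '127.0.0.1') } |
        Select-Object -Unique

    # 4. Inbound ICMPv4 firewall rules and the profiles they apply to.
    $icmpRules = Get-NetFirewallPortFilter -Protocol ICMPv4 |
        Get-NetFirewallRule |
        Where-Object Direction -eq 'Inbound' |
        Select-Object DisplayName, Enabled, Profile, Action

    [pscustomobject]@{
        Profiles          = $profiles
        FirewallProfiles  = Get-NetFirewallProfile | Select-Object Name, Enabled
        LdapReachable     = $ldap.TcpTestSucceeded
        UnexpectedDns     = $extraDns
        InboundIcmpV4Rule = $icmpRules
    }
}

# Usage: Test-GuestDomainNetworking -DcAddress <DC static IP> | Format-List
```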


  4. Anonymous
    2023-08-04T18:58:35.48+00:00

    At a minimum, a domain controller should have its own static IP address listed for DNS, plus the loopback (127.0.0.1) listed for DNS. Also remove the invalid 10.10.10.21, then do ipconfig /flushdns, ipconfig /registerdns, and restart the netlogon service.

    The Time Server is not running on ABBOTT

    "server holding the PDC role is down"

    sc triggerinfo w32time start/networkon stop/networkoff
    

    may solve this problem. Then reboot and wait about 10 minutes for services to start up.

    --please don't forget to upvote and Accept as answer if the reply is helpful--

