virtual machine created on HCI Cluster is not able to communicate with HCI Nodes

Question

Hello,

I've created a Azure stack HCI Cluster and able to create a VM on the HCI Node.

I've created 4 InternalNAT network adapter, 1 assigned to mamagement, 1 assigned to Compute and 2 assigned to Storage as per the instruction. When we create a VM in the HCI Stack, we choose (ComputeSwitch) for the network and configured the IP address on the same subnet of management IP. When I tried to ping the Nodes IP from the VP, the ping fails.

Can you share any document or steps to configure the VM networks to reach internet via the default HCI Cluster gateway IP 192.168.0.1 assigned by default.

Answer 1

Hi @SAKTHIMURUGAN ARUMUGAM ,

I'm not certain why you would be using a NAT switch. It would be recommended to use a standard external virtual switch for your compute traffic instead. Regardless, I would need to know more about your setup to determine the cause, but I am going to try to cover the scenario as best I can from the description.

If the management adapter is a dedicated NIC, the traffic coming from the VM would have to leave the host via the dedicated Compute NIC that is bound to the virtual switch. If you are using VLANs, you would need to ensure the switchport connected to the Compute NIC was a trunk that allowed the necessary VLANs. The management NIC would also need to be tagged on the same VLAN as you noted the VMs and management use the same subnet range. In this scenario, you would not need to go through the default gateway. If you are also unable to connect to the gateway, you may need to ensure Layer 2 connectivity (including VLANs, if applicable) are correctly configured in the path to the gateway. You can check to see if Layer 2 is working by simply checking the ARP table using arp -a. Note that this only works for machines on the same subnet. If you are behind a NAT switch, this is a moot point.

Also to note, ping is not always reliable when testing connectivity between Windows machines as ICMP is frequently blocked by the Windows Firewall. You could turn off the Windows Firewall for testing purposes, or simply ensure the correct rules are in place. If the machines are all domain-joined, each node should have the 'Domain' firewall profile active (which does allow ping by default). But for a more reliable test between Windows machines, I recommend using Test-NetConnection and the -Port parameter, such as Test-NetConnection 192.168.0.10 -Port 445. This would test both ICMP and TCP-level connectivity which provides a more accurate determination of connectivity.

Hope this helps!
Trent

Answer 2

Hello Trent,

Thanks for your response. My environment is on Azure VM (nested virtualization) running hypervisor on top then running Cluster node (testing env). I could not see any user guide for networking and connecting. I am following https://learn.microsoft.com/en-us/azure-stack/hci/deploy/create-cluster to create the HCI cluster.

Here is the node01 and node02 network details.

1. ipconfig from Node01:

PS C:\Users\Administrator> ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : AZSHCINODE01
Primary Dns Suffix . . . . . . . : azshci.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : azshci.local

Ethernet adapter Ethernet 3:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter #5
Physical Address. . . . . . . . . : 00-15-5D-00-04-0A
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::3d57:6e5e:6901:b7bb%18(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.50(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 301995357
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-29-41-D4-72-00-15-5D-00-04-02
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter
Physical Address. . . . . . . . . : 00-15-5D-00-04-02
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::bd7f:f4e3:c35b:ce8a%9(Preferred)
IPv4 Address. . . . . . . . . . . : 10.10.11.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Management:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter #3
Physical Address. . . . . . . . . : 00-15-5D-00-04-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6500:2f1c:1409:2a17%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
IPv4 Address. . . . . . . . . . . : 192.168.0.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 134223197
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-29-41-D4-72-00-15-5D-00-04-02
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet 4:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter #4
Physical Address. . . . . . . . . : 00-15-5D-00-04-03
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::300a:c56d:6adf:2f89%3(Preferred)
IPv4 Address. . . . . . . . . . . : 10.10.12.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 1:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Failover Cluster Virtual Adapter
Physical Address. . . . . . . . . : 02-12-6E-13-6C-7C
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b5ae:5948:c2d7:a3db%4(Preferred)
IPv4 Address. . . . . . . . . . . : 169.254.1.174(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 67244654
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-29-41-D4-72-00-15-5D-00-04-02
NetBIOS over Tcpip. . . . . . . . : Enabled
PS C:\Users\Administrator>

2. ipconfig from Node02

PS C:\Users\Administrator> ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : AZSHCINODE02
Primary Dns Suffix . . . . . . . : azshci.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : azshci.local

Ethernet adapter Ethernet:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter #5
Physical Address. . . . . . . . . : 00-15-5D-00-04-0B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d121:58de:3095:752%21(Preferred)
Autoconfiguration IPv4 Address. . : 169.254.7.82(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 352327005
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-29-41-D4-87-00-15-5D-00-04-05
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Management:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter
Physical Address. . . . . . . . . : 00-15-5D-00-04-05
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6dd2:7a18:d3e6:4902%4(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 100668765
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-29-41-D4-87-00-15-5D-00-04-05
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter #2
Physical Address. . . . . . . . . : 00-15-5D-00-04-06
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9080:57d3:2ac4:5794%6(Preferred)
IPv4 Address. . . . . . . . . . . : 10.10.11.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet 3:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter #3
Physical Address. . . . . . . . . : 00-15-5D-00-04-07
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::3593:d32:3469:d46f%8(Preferred)
IPv4 Address. . . . . . . . . . . : 10.10.12.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 1:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Failover Cluster Virtual Adapter
Physical Address. . . . . . . . . : 02-85-60-77-58-55
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c968:3b54:df30:513e%10(Preferred)
IPv4 Address. . . . . . . . . . . : 169.254.2.195(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 167937376
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-29-41-D4-87-00-15-5D-00-04-05
NetBIOS over Tcpip. . . . . . . . : Enabled

Answer 3

Hello Trent,

Can you help us on the HCI networks.

Answer 4

Hi @SAKTHIMURUGAN ARUMUGAM ,

It's very difficult from just the output above to determine the cause of the issue. However, in this setup, I would expect to only see 4 NICs.

The management NIC would have the only routable IP address and default gateway assigned. The IP address of the default gateway would be the IP address used when creating the NAT gateway (like mentioned here - https://learn.microsoft.com/en-us/virtualization/hyper-v-on-windows/user-guide/setup-nat-network).

The two storage NICs both look correct from an addressing perspective - they are on separate networks with no gateway configured. These should either be connected to different virtual switches, or, if connected to the same switch, should be using VLANs

The only other adapter I would expect to see here would be the one labeled as a 'Tunnel' adapter. This is the adapter created and used exclusively by the cluster.

I'm assuming the other NIC in each output is the Compute NIC you mentioned, but once you bind a virtual switch to it, that NIC would no longer show in the host's output.

Given you noted you created a NAT switch on the host, my suggestion would be to review the NAT configuration given you mentioned you can't ping the default gateway. One thing to note is that you won't be able to ping externally back into the cluster with a NAT switch in between. The only way you can get connectivity in this regard would be to set up NAT rules.

Hope this helps!
Trent