This website uses cookies. By browsing this website, you consent to the use of cookies. Learn more.
OK
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Highlighted
Pim_Dimmedal
Iron
‎2018-10-30 06:58 AM

VSX Virtual Router Issue

Jump to solution

I have an issue regarding VSX and the implementation of ClusterXL combined with a virtual router. I've created a lab setup (see attachment) and did some testing.

Internet connectivity on the EDGE router is verified:

1: I can ping 8.8.8.8 and google.com from my EDGE router

2: When I connect my client directly to my EDGE router i can also ping 8.8.8.8 and google.com

Connectivity from the client:

Ping from Client to 192.168.20.3 (Virtual System) is successful

Ping from Client to 192.168.1.2 (Virtual Router) is successful

Ping from Client to 192.168.1.1 (EDGE Router) is not successful

Ping from Client to 8.8.8.8 and google.com is not successful (obviously)

Connectivity from the virtual router (login to corresponding Virtual System ID of the router)

Ping from Virtual Router to 192.168.1.1 (EDGE Router) is successful

Ping from Virtual Router to 8.8.8.8 and google.com is successful

Ping from Virtual Router to 192.168.10.3 (Virtual System) is successful

Ping from Virtual Router to 192.168.20.4 (Client) is successful

It looks like the Virtual Router can connect to every part of the network but from the client I'm not able to get past the Virtual Router.

Does anyone know what I'm missing here?

Preview file
38 KB
0 Kudos
1 Solution

Accepted Solutions
Highlighted
_Val_
Admin
Admin
‎2018-10-30 09:17 AM

Jump to solution

Well, it particular cases VSX entities are using non-routable IP addresses that just cannot be returned to the original source. Start there, see where it fails, and then, if that was not the case, we can move further

View solution in original post

0 Kudos
7 Replies
Highlighted
_Val_
Admin
Admin
‎2018-10-30 09:04 AM

Jump to solution

You are missing the NAT for VS IP address 🙂 It is most probably pinging 8.8.8.8 with a funny IP address which is not routed back. Run fw monitor to prove

0 Kudos
Highlighted
Pim_Dimmedal
Iron
‎2018-10-30 09:07 AM

Jump to solution

I will run fw monitor tonight, but I'm using NAT on my EDGE router so I don't see the need to NAT on the VS as well.

0 Kudos
Highlighted
_Val_
Admin
Admin
‎2018-10-30 09:17 AM

Jump to solution

Well, it particular cases VSX entities are using non-routable IP addresses that just cannot be returned to the original source. Start there, see where it fails, and then, if that was not the case, we can move further

View solution in original post

0 Kudos
Highlighted
Pim_Dimmedal
Iron
‎2018-10-30 10:00 AM

Jump to solution

I've found the issue. It seemed something was wrong with the route back from the EDGE to the Virtual Router.

Thanks for your suggestion.

Highlighted
Happy__
Copper
‎2019-01-09 06:54 AM

Jump to solution

I faced the same issue in my lab, I have two VS both external interface is connected with a virtual router, I able to reach to the virtual router but not getting the internet.

The virtual router is getting internet, I try to do with netting on VS with virtual router IP but policy failed.

There is any document related to this issue.

Can anyone help me to understand it?

"Well, it particular cases VSX entities are using non-routable IP addresses that just cannot be returned to the original source."

0 Kudos
Highlighted
Pim_Dimmedal
Iron
‎2019-02-12 11:28 AM

Jump to solution

Sorry for the late reply. Have you defined a route on the virtual router to both virtual systems, and a default route on both virtual systems to the virtual router? 

0 Kudos
Highlighted
Happy__
Copper
‎2019-02-12 11:34 AM

Jump to solution

Yes, I defined the default route is a virtual router for both VS and also defined routes on VR for reverse. 

0 Kudos