Thanks Michael -- During my next opportunity to swap out, I'll do the ping tests you list and report back.
At 0430 this morning, faced with a non-functional mobile and core dispatch system, I had to get things back up. I am strongly "encouraged" to not have a network outage last longer than 15 minutes due to life-safety issues with our guys in the field..... I did look at the ARP table on one of the Hyper-V hosts and it showed the MAC of the 5505 private but that was the only check I made before deciding to revert back.... Gordon -----Original Message----- From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Michael B. Smith Sent: Thursday, April 20, 2017 3:04 PM To: ntsysadm@lists.myitforum.com Subject: [NTSysADM] RE: Hyper-V host networking issue There is some basic network testing missing here. This statement specifically: " If I remove my existing Cisco and replace it with the new Cisco, the Hyper-V host servers lose their network connection, which of course means the VM's lose theirs too." What exactly does it mean? Can the hyper-v host servers ping each other? Can the VMs ping each other? Can the VMs ping the various hosts? Can the host servers ping the public and or the private IP addresses of the 5505? In both cases, does the Hyper-V host arp table show the MAC for the private connection on the 5505? Does the ARP table on both 5505's show the MAC address for the Hyper-V servers? -----Original Message----- From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Gordon Pegue Sent: Thursday, April 20, 2017 3:01 PM To: ntsysadm@lists.myitforum.com Subject: [NTSysADM] Hyper-V host networking issue Greets -- I've got a head-scratcher that my google-fu is not resolving. I have a Cisco ASA 5505 firewall in place at my university department perimeter. I have four physical Dell PowerEdge T710 servers on the LAN, all running WinSrvr 2008R2 x64 Enterprise. Three of the physical servers are Hyper-V machines, each hosting at least 2 WinSrvr 2008R2 x64 Enterprise guest VM's. (And one of the Hyper-V host machines has its guest VM's stopped and disabled as the physical box is going to be repurposed) All four servers have the Broadcom BCM5709C NetXtreme II GigE NIC's. The 3 Hyper-V boxes are each configured with the Virtual Switch bound to a single NIC and a statically addressed Virtual Network for the box. The VM's each have statically addressed Virtual Machine Bus Network Adapters configured. Networking/everything is fine, no problems - when using the existing firewall. I've seen none of the Broadcom issues that have been reported. I have a second ASA 5505 firewall, with up-to-date firmware and more RAM (and a maintenance agreement with a Cisco VAR - which is why I want to swap out the device). The FW configuration settings are identical, with the exception of the boot image that loads when the firewall is rebooted. If I remove my existing Cisco and replace it with the new Cisco, the Hyper-V host servers lose their network connection, which of course means the VM's lose theirs too. The one physical Dell box that is not a Hyper-V host works just fine with either firewall! But not the Hyper-V boxes.... As I said, my google-fu is not working too well in this instance. Most hits talk about intermittent/random loss of connectivity (which I'm NOT seeing) and suggest that the possible answer is to use the following registry hack to disable TCP Offloading on the VM's: Key: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters Value(DWORD): DisableTaskOffload = 1 Now the catch-22 for me? I work for a university law enforcement agency which is 24x7x365 so I obviously cannot be blowing up internet access willy-nilly as I try different possible solutions... So... I tried clearing the arp cache on the hyper-v hosts to no effect. I've not tried anything else yet other than to reinstall the existing firewall so that my department (and my officers in the field can use their in-car KDT's) is back up. If networking with my existing ASA 5505 is fine, why are my hyper-v boxes dropping the connection when I plug in the new ASA? What the heck am I missing? TIA Gordon
