Duplicate response for Internet Control Message Protocol (ICMP) request - CARP controller nodes running on the same ESXi host
search cancel

Duplicate response for Internet Control Message Protocol (ICMP) request - CARP controller nodes running on the same ESXi host

book

Article ID: 325067

calendar_today

Updated On:

Products

VMware vSphere ESXi

Issue/Introduction

In VMware ESXi host, when the ping command is performed from one of the Common Address Redundancy Protocol (CARP) controller nodes to another node running on the same ESXi host, you experience this symptom:
  • Duplicate Internet Control Message Protocol (ICMP) response is observed


Environment

VMware vSphere ESXi

VMware vCenter Server

Cause

This issue occurs when CARP controller nodes running on the same ESXi host have promiscuous mode enabled and the vSphere Distributed Switch (vDS) is using more than one uplink.

Resolution

The CARP controller interface does not use the MAC address that is assigned to the vNIC. This is the reason why the MAC address is not registered with the vDS.

Since MAC address learning does not happen at the vSphere Distributed Switch (vDS) level with promiscuous mode enabled, when an ICMP packet is sent out, one copy of the packet is sent to the destination virtual machine by the vSwitch with promiscuous mode enabled. Meanwhile, since the vSwitch does not know the destination MAC address, it also forwards the packet to the uplink. The packet then goes through the physical switch and comes back through the other uplink. The destination virtual machine then receives two copies of the ICMP Echo request packet and responds twice, which causes the duplicate ICMP response.

Powered by Wolken Software