VMs on NSX Overlay Segment are unable to access Internet
search cancel

VMs on NSX Overlay Segment are unable to access Internet

book

Article ID: 424998

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

  • Virtual machines connected to an NSX overlay segment are unable to access Internet
  • Virtual machines could access Internet after setting the MTU to 1400 inside Guest OS
  • The Overlay network MTU is set to 9000 for both Edges and ESXi Transport Nodes
  • Edge nodes are running on ESXi hosts that have been NSX preparation
  • The Overlay network for Edge and ESXi has been configured with different subnets and VLANs
  • The Jumbo packets without fragmentation between ESXis are pingable using "vmkping -I vmk# <destination_IP> -d -s xxxx"
  • The Jumbo packets without fragmentation between Edges are pingable using " ping <destination_IP>  size xxxx dfbit enable" in TUNNEL VRF

 

Environment

VMware NSX

Cause

The MTU is mismatched along the overlay and underlay network

Resolution

To resolve this issue, please involve the physical network team for further investigation.

To identify this issue, packets capture could be taken between the source ESXi and target ESXi (Edges reside) when using vmkping and don't fragment

https://knowledge.broadcom.com/external/article/313061/testing-jumbo-frame-pings-from-esxi-over.html

Powered by Wolken Software