Well well well, I've posted some days ago my new lab setup. Today I ran into a strange problem. I replaced today dynaslax with my dynaBuntu a self build Ubuntu release. DynaBuntu focuses on dynamips / dynagen and only ssh is running else, no fluff stuff :D
Anyway I deployed a BGP router scenario that should interact with my real hardware firewall.
Strangely I could ping from my ASA all important Ips: Core01, LAB-R001 and the dynaBuntu instance but I could not ping the router in dynaBuntu (BGPRouter). I was even more surprised when my BGPRouter showed that he could build a CDP connection with LAB-R001.
Some times later I noticed that LAB-R001 could not resolve the IP of my BGPRouter. ARP requests were send and tcpdump showed that BGPRouter responded as expected. The next step showed the ARP response disappeared somewhere in the HyperV vSwitch. So I needed to find a way to allow this setup.
After a while I found the check box in the VM network settings that specified
“Enable spoofing of MAC addresses”, it looks like the HyperV vSwitch is running some kind of port-security settings.
Shutting down the VM, changing this setting and hurray I could ping my router and my routes where redistributed as desired.
Keine Kommentare:
Kommentar veröffentlichen