
I am configuring a virtual machine to host an API for an application. I entered the vCloud director page and followed these steps:

1. Generated the edges network
2. Created a VDC organization network (192.168.0.1/24 as a gateway and a pool of addresses from 192.168.0.2 to 192.168.0.10)
3. Created a vApp and added a virtual machine (connected its NIC to the VDC I created earlier).
4. Installed VMware Tools on the machine and booted it up with force guest OS configurations

Up until now, it all went perfectly. I booted up the machine and pinged my gateway, and I had a connection to the gateway (which seems like a good start). Next, I tried to ping 8.8.8.8 but got the following response:

```
From 192.168.0.1 icmp_seq=420 Destination Net Unreachable
```

I thought maybe I need to set up firewall and NAT rules, so I added the following rules:

- Firewall rule for TCP on port 443 both external-internal and internal-external
- Firewall rule for TCP on port 80 both external-internal and internal-external
- Firewall rule for UDP on port 53 both external-internal and internal-external
- SNAT rule with source address pool of 192.168.0.1-192.168.0.10 (gateway address + address pool from Organization VDC) and translated source IP obtained from my edge settings.
- DNAT rule with original IP address obtained from my edge settings and translated IP address / pool same as the source in my SNAT rule (192.168.0.1-192.168.0.10)

Here is the output from `ifconfig`: [image]

Here is the output of `lshw -C network`: [image]

Here are pictures of my firewall and NAT rules: [image] [image]

`ip route show` output:

```
default via 192.168.0.1 dev ens160 proto static
192.168.0.1/24 dev ens160 proto kernel scope link src 192.168.0.4
```

Really sorry for the terminal pictures, couldn't copy-paste from the web console. If that's an issue LMK and I will use Lens to copy the text from the images and put it instead of the images.

PS: This is my first time working with servers this way, so if I am doing something stupid, don't refrain from pointing it out. I am more used to out-of-the-box solutions such as Digital Ocean and Google Cloud, where the network is already configured. This is completely new to me, especially the virtualization part. I did some networking back in high school but we did that with physical components, not these virtual components.

  • Seems more like a routing issue, could you run `ip route show` and paste the results in your question? – Marcel Oct 06 '22 at 15:17
  • @Marcel Added. I figured as much but quite frankly I don't know where to begin to look in order to fix it. Hopefully (probably) some people here have more experience than me in this area as this is not my primary line of work, my primary occupation is full stack developer but I handle most devops stuff cause the company is still a startup and can't afford to pay another person I guess. – Dimitar Veljanovski Oct 10 '22 at 11:41
  • Do you have an External Network defined in vCloud? – Marcel Oct 10 '22 at 12:54
  • Do this: Log in to vCloud Director with a system administrator (SysAdmin) role. Click on Manage & Monitor. Click on External Networks. Click on the green plus icon (+). Now, the New External Network wizard starts. – Marcel Oct 10 '22 at 12:55
  • @Marcel I couldn't find that menu, the client asked me to deploy on AUCloud which has some modified version of the vCloud director, here is what I see when I click on Monitor: https://ibb.co/0D53bfQ – Dimitar Veljanovski Oct 10 '22 at 13:07
  • Do you have an Edge Gateway? – Marcel Oct 10 '22 at 14:14
  • Yes, I have one. Here are a few images where you can see more information about it: https://postimg.cc/gallery/cLgbmkL Sorry for the delay. – Dimitar Veljanovski Oct 10 '22 at 14:21
  • Can you ping the gateway of the edge network 103.2.241.1 from your newly created Virtual Machine? – Marcel Oct 10 '22 at 14:42
  • I suggest [this post](https://fojta.wordpress.com/2021/01/20/provider-networking-in-vmware-cloud-director/) for you to understand better all concepts of VDC and what you might be missing. – Marcel Oct 10 '22 at 14:47
  • When I ping 103.2.241.1 I don't get a response, so it is most definitely a routing issue between the VDC and the edge gateway. I will take a look at the post you sent me and see if I can solve it. I still don't have all the options listed in the VMware documentation. I looked through the users and couldn't find a System Administrator type user - they are all Organization Administrators so maybe that's why I can't see all the options. – Dimitar Veljanovski Oct 10 '22 at 14:50
  • @Marcel it ended up being an issue with the host provider. I hopped on a call with them a couple of weeks ago and they ended up resolving the issue. From there on out I was able to follow the vCloud Director documentation in order to set up my NAT and Firewall rules, now it all works fine. Sorry for the waste of time and effort. – Dimitar Veljanovski Nov 14 '22 at 09:08
