My network architecture is very simple:
firewall - 192.168.0.1 running IPCop
vmware - 192.168.0.10 running Ubuntu Server
Both computers are connected to a switch, as well as several workstations in the company (about 20 computers total) and a wireless access point.
At some point (which I haven't been able to determine yet), our Internet connection stops working. If I log into the firewall via SSH it's dead slow (you can barely type on the terminal). To my surprise, as soon as I unplug the VMWare Server from the network, the network goes back to normal.
We tried swapping the firewall for another computer and the problem remained. Any hint on how to track it down? I couldn't find anything relevant on the server logs.
Update with more information:
- The VMWare box has 1 physical NIC and is running about 3 to 5 computers with bridged mode.
- When the connection fails, running top on the firewall does not report huge CPU activity.
- The firewall does not show any information on the logs when this problem happens.
- I can't ping outside from the firewall when this failure manifests.
It sounds like it's probably time to fire up Wireshark and see what's happening. No point guessing.
My guess would be the VMWare server us flooding the network for some reason.
When you say unplug the VMWare is it the physical machine being unplugged? The VMWare is being stopped completely or the Unbuntu server is stopped and shutdown?
You need to isolate which of those 3 things is causing it. I had something similiar at one point where about once every 2 weeks or so one of my windows servers would do the same thing you have. Rebooting was my fix though since I was replacing the server soon it wasn't worth troubleshooting.
It sounds like either something is flooding the network or there is a conflicting address between the firewall and the vmware box. Another possibility might be some sort of bridging on the vmware box causing ethernet problems.
Be aware that there are bridging and NAT networks available by default on VM - one of them may be causing a conflict.
If it is "very slow" to the IPCop I would be interested to see if that was a network problem (does pinging the IPCop become sluggish?) or a CPU load issue (run top on IPCop).
Do you see any other odd networking issues at the same time? Have you perhaps got a loop in your network somewhere? How many NICs are in the VM box?
Apologies for "20 questions mode" but myself and the other 'faulters may have a better stab with a spot more info :)
HTH, Tom
What kind of networking equipment do you have? a few weeks ago we have a similar problem. A VMware ESX server was taking down some Cisco switch, those switch just put the fastethernet in disable (hardware error), this stop happening when the vmware box was removed from the network.
Is your ipcops external interface comeing out also on the vmware lan interfac? where is it connected to?
i once had similar problem when i had more than one interface comeing from my vmware host to a switch with trunks.