Hi there,
I'm writing to describe a strange problem. Here are the facts:
- hosts are all ESXi 5.1 (upgraded from 5.0) and are part of larger cluster
- source guests and target guest are part of the same VLAN
- source guests in this test are: Ubuntu Linux, CentOS Linux and OpenSuSE Linux
- target guest is Windows Server 2008R2
CASE 1:
source: any Linux OS
target: Windows Server 2008R2
Source and target guests are on the same host.
Ping works fine, no duplicates are detected ever.
CASE 2:
source: any Linux OS
target: Windows Server 2008R2
Source and target guests are not on the same host, but in the same cluster.
Source OS receives (ping & tcpdump indicates that) duplicate ICMP replies every so often, sometimes even 2 duplicate replies with the same seq. #. Tcpdump locally does not detect multiple ICMP requests. Target detects that there are actually multiple ICMP requests (Wireshark on interface) and therefore responds with replies accordingly.
We believe that the vSwitch or some other virtual or external physical device (switch) might be duplicating the packets. Wireshark on target detects as if the source guest had sent duplicate ICMP requests although tcpdump on the source does not verify that! It's either that tcpdump does not detect duplicate ICMP requests sent out or that the duplicates are being generated somewhere on the way.
Edited to add: the problem occurs only for one particular Windows Server guest. Pinging other Windows Server guests with the same configuration and on different host does not cause ICMP packets to be duplicated.
My question is if there have been any similar issues ever reported.
Thank you all for help, Cheers,
Gorazd