Virtualised networking issues? Sometimes it's the most obvious thing, Doh!

I just provided some help to a friend setting up a small virtualisation network on single machine, for demonstrating a new software technology at user groups and conferences.

A few tweets and e-mails went back and forth as we discussed virtual networking options, static IP configurations and using NEWSISID to enable imaging VMs from a initial 'gold' image. Getting the machines to talk to each other on an isolated virtual network was proving to be way more difficult than it should have been.

At this point I'll veer off and mention the apocryphal story regarding a Physics PhD who was visiting his parents. When he discovered that their vacuum cleaner had stopped working the day before he offered to help out. About an hour after he started his mother brought him a cup of tea in a room now strewn with vacuum cleaner parts being tested with a digital multimeter. His mother casually asked if he had tested the fuse ...

So back to the virtualisation; I had actually hit a similar scenario with my virtualisation presentations when I installed Hyper-V Server on one laptop and used a crossed network cable to connect to a second laptop running Windows Server 2008. I blamed Hyper-V Server, I blamed my static IP configuration, I blamed the crossed network cable.

I blamed all the unfamiliar things I was working with.

And the solution for me, and my friend's isolated virtual network?

The default firewall settings in Windows Server 2008 block the ping command. Yep, the thing you'll first think of to test you have the network configured correctly won't work.

I discovered this when in desperation I configured remote administration. Once a connected remotely, I knew my network configuration was definitely working, and a bit of digging later and I discovered the truth about ping under a default installation of Windows Server 2008.

The lesson learnt; it is completely natural to blame the unfamiliar first, a very human reaction. It's also more often than not the wrong attitude, especially with new computer technologies.


P.S. Disabling the ping command follows the Microsoft goal of locking down server operating systems to be secure out of the box, and letting administrators enable services and firewall items when they are required. This is a good thing, and I definitely don't want this post to suggest otherwise. We just need to remember, no ping by default and get over it.

Print | posted on Sunday, October 4, 2009 2:41 PM

Comments on this post

No comments posted yet.

Your comment:

 (will show your gravatar)