Skip to main content
hans10
hans10
New Member
December 7, 2017
Question

FortiGate-VM on vCloud Director with VXlan network

  • December 7, 2017
  • 0 replies
  • 4155 views

Hi,

 

I have a single FortiGate-VM running on vCloud Director which has one of it's 4 network interfaces connected to a VXlan network (terminated at the vswitch).

 

Just this interface, port 2, is behaving abnormal.. I don't see much traffic other than broadcast (so it does at least something) and lot's of dropped packets:

 

port1    <WAN>

 

            RX packets:55598868 errors:0 dropped:0 overruns:0 frame:0

 

            TX packets:61381976 errors:0 dropped:0 overruns:0 carrier:0

 

            collisions:0 txqueuelen:1000 

 

            RX bytes:9046626266]9046626266 (8.4 GB)  TX bytes:29755662454]29755662454 (27.7 GB) 

 

 

 

port2    Link encap:Ethernet  HWaddr 00:50:56:91:E5:D4

 

            inet addr:10.159.120.252  Bcast:10.159.120.255  Mask:255.255.255.0

 

            UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1

 

            RX packets:784667 errors:0 dropped:758552 overruns:0 frame:0

 

            TX packets:397 errors:0 dropped:0 overruns:0 carrier:0

 

            collisions:0 txqueuelen:1000 

 

            RX bytes:400285098 (381.7 MB)  TX bytes:16674 (16.3 KB) 

 

 

 

port3    Link encap:Ethernet  HWaddr 00:50:56:91:31:40

 

            inet addr:10.159.80.252  Bcast:10.159.80.255  Mask:255.255.255.0

 

            UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1

 

            RX packets:17994191799419 errors:0 dropped:1281 overruns:0 frame:0

 

            TX packets:1 errors:0 dropped:0 overruns:0 carrier:0

 

            collisions:0 txqueuelen:1000 

 

            RX bytes:114471915 (109.2 MB)  TX bytes:42 (42  Bytes) 

 

 

 

port4    Link encap:Ethernet  HWaddr 00:50:56:91:BA:90

 

            inet addr:10.159.110.252  Bcast:10.159.110.255  Mask:255.255.255.0

 

            UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1

 

            RX packets:71959838 errors:0 dropped:2763 overruns:0 frame:0

 

            TX packets:54978388 errors:0 dropped:0 overruns:0 carrier:0

 

            collisions:0 txqueuelen:1000 

 

            RX bytes:2656072967726560729677 (24.7 GB)  TX bytes:51430887085143088708 (4.8 GB) 

 

 

The network is set up in vmware to reject promiscuous mode or mac adress changes, but I'm not in a HA situation so I think I don't need it?

 

There is also a FortiWeb on the same network which does connect just fine, I do see it's broadcast messages if i do a packet capture on the FortiGate.

 

Adapters are all VMXNET 3.

 

Does this sound familiar to any of you? I can ask the provider to change settings in vmware, but need a good reason to do so. 

 

 

    Terms & ConditionsAccessibility statement