I have a two-node Server 2012 R2 Hyper-V cluster built from SCVMM 2012 R2. I have created a virtual switch that is bound to an LBFO team (8 x 1GB NICs) on each host. Logical Networks are all defined with different VLAN IDs and subnets. I have created different vNICs for the parent nodes for different cluster networks as follows:
Management: 10.226.208.128/26 (VLAN 100) - this is the only NIC with a default gateway.
Live-Migration: 172.16.2.128/26 (VLAN 660)
Cluster-CSV: 172.16.3.128/26 (VLAN 661)
Each of the host vNICs that is connected to the virtual switch has a VLAN ID defined.
However, I am seeing some strange behaviour, with cluster network traffic being blocked by our perimeter hardware firewall as follows:
100: access-list ACL109 denied tcp DMZ/10.226.208.188(62786) -> LAN/172.16.3.133(3343) hit-cnt 1 first hit [0xba094209, 0x0]
(Here I would expect the TCP 3343 traffic to go from 10.226.208.188 directly to 10.226.208.187 or from 172.16.3.134 to 172.16.3.133).
HYPERVHOST1
vEthernet (Management: 10.226.208.187)
vEthernet (Live-Migration: 172.16.2.133)
vEthernet (Cluster-CSV: 172.16.3.133)
HYPERVHOST2
vEthernet (Management: 10.226.208.188)
vEthernet (Live-Migration: 172.16.2.134)
vEthernet (Cluster-CSV: 172.16.3.134)
Any ideas what I am missing here?