Hello can someone please help me with the following question :) We have a Windows Server and a NetApp Cluster-Mode iSCSI attached storage (NAS) on the same vLAN Basically, for want of a better description, one of the interface on the NetApp (one of the LIFs) is not responding (let's just say it's hung). Therefore when you do a ping (from a Windows command prompt) to the NetApp interface in question (again both on the same subnet) I receive the following Reply from 172.20.11.249: TTL expired in transit However, in the Wireshark capture (and I have check I am capturing on the correct interface) there is nothing displayed for ICMP (not a single ICMP packet) Could it be I am not seeing an ICMP as I am not crossing a router and the interface is just not responding at all and therefore unable to build and ICMP packet of its own to send back? Any advice most welcome Thanks Ernie asked 22 Nov '16, 06:57  EBrant |
One Answer:
If modern versions of Windows cannot find a device on a given interface, it may send the request to the default GW. Is the ping client multihomed? If so, sniff on that interface. You may see ICMP echoes on that interface or ARPs, depending if you are local or not. So, capture on all interfaces and see what shows. Finally found a reference to this - Check the section on What about Neighbor Unreachability? and see if it applies to you in this case. answered 22 Nov '16, 07:01  Bob Jones edited 23 Nov '16, 02:40 |
