Why can't VMs with VNI attachments communicate?

Virtual Private Cloud 4.20 and later Bare metal worker nodes only RHCOS only

You configure VNI attachments for virtual machines (VMs), but the VMs still cannot communicate as expected.

The communication path can fail if the VLAN configuration, VM interface settings, or VPC networking settings do not match across the VNI and localnet UDN configuration.

Use the following checks to investigate the configuration.

  1. Verify that the VLAN ID matches between the ClusterUserDefinedNetwork (CUDN) and the VNI attachment.

    oc get clusteruserdefinednetwork <cudn_name> -o yaml
    ibmcloud ks vni ls --cluster-id <cluster_id>
    
  2. Check that the VM is using the expected MAC address.

    oc get vmi <vm_name> -n <namespace> -o yaml | grep macAddress
    
  3. Review the VNI configuration.

    ibmcloud is virtual-network-interface <vni_id>
    
  4. Review the VPC security group configuration.

    ibmcloud is security-groups
    ibmcloud is security-group <security_group_id>
    
  5. Review the guest operating system network configuration inside the VM. Confirm that the guest operating system network settings, such as the configured IP address, routes, and interface state, match your expected VNI and VLAN design.

  6. Review Managing virtual network interfaces for OpenShift Virtualization to confirm that the VNI, VLAN, and localnet configuration are aligned. If the configuration does not align, update the CUDN, VLAN, or VNI settings so that they match across the cluster and the VM configuration.