Symptoms
In VMware ESXi 5.x, 6.x and 7.x host, when the ping command is performed from one of the Common Address Redundancy Protocol (CARP) controller nodes to another node running on a same ESXi host, you experience this symptom:
Duplicate Internet Control Message Protocol (ICMP) response is observed
Cause
This issue occurs when CARP controller nodes running on a same ESXi host has promiscuous enabled and the vSphere Distributed Switch (vDS) is using more than one uplink.
Impact / Risks
Duplicate ICMP response
Resolution
This behavior is expected in VMware ESXi 5.x, 6.x and 7.x.CARP contoller interface does not use MAC address that is assigned to the vNIC. This is the reason why the MAC address is not registered with the Standard Virtual Switch (VSS).Since MAC address learning does not happen at the vSphere Distributed Switch (vDS) level with promiscuous mode enabled, when an ICMP packet is sent out, one copy of the packet is send to the destination virtual machine by the vSwitch with promiscuous mode enabled. Meanwhile, since the vSwitch does not know the destination MAC address, it also forwards the packet to the uplink. The packet then goes through the physical switch and come back through the other uplink. The destination virtual machine then receives two copies of the ICMP Echo request packet and responds twice which causes the duplicate ICMP response.
Related Information
Internet Control Message Protocol (ICMP) 要求への重複応答 - 同じ ESXi ホスト上で動作する CARP コントローラ ノード在同一个 ESXi 主机上运行的 CARP 控制器节点重复响应 Internet 控制消息协议 (ICMP) 请求
