Hi,
I am new to ACI and was recently looking at the operations tab and ran a query and I am not sure that I understand the results.
I have a host that sits outside of ACI (10.131.161.38) and a host inside of ACI (192.168.209.148) I can happily ping from outside of the ACI environment to the host, however, the output from the query suggests that packets are being dropped.
If I login to the boarder leaves I have a full ospf adjacency on both switches
OSPF Process ID default VRF PRODUCTION:PRODUCTION_VRF
Total number of neighbors: 1
Neighbor ID Pri State Up Time Address Interface
192.168.128.254 1 FULL/DR 4w3d 192.168.10.71 Eth1/2
LEAF_103# show ip route summary vrf PRODUCTION:PRODUCTION_VRF
IP Route Table for VRF "PRODUCTION:PRODUCTION_VRF"
Total number of routes: 872
Total number of paths: 879
Best paths per protocol: Backup paths per protocol:
ospf-default : 860 ospf-default : 6
bgp-65535 : 1
static : 5
local : 4
direct : 2
am : 1
LEAF_102# show ip route summary vrf PRODUCTION:PRODUCTION_VRF
IP Route Table for VRF "PRODUCTION:PRODUCTION_VRF"
Total number of routes: 872
Total number of paths: 879
Best paths per protocol: Backup paths per protocol:
ospf-default : 860 ospf-default : 6
local : 4
direct : 2
static : 5
am : 1
bgp-65535 : 1
The leaf switch where the destination resides actually shows permits in the CLI for the contract
LEAF-105# show logging ip access-list internal packet-log permit | grep 192.168.209.148
[2023-05-18T16:23:36.003068000+01:00]: CName: PRODUCTION:PRODUCTION_VRF(VXLAN: 2359296), VlanType: FD_VLAN, Vlan-Id: 2, SMac: 0x84a938df8198, DMac:0x0022bdf819ff, SIP: 192.168.209.148, DIP: 10.131.161.38, SPort: 0, DPort: 0, Src Intf: Ethernet1/12, Proto: 1, PktLen: 74
The communication works so maybe I'm misunderstanding the output.
As I said, I am new to ACI so I'd be grateful for any help.
Thank you
Jon
