ACI PBR traffic issue

deepakbalan · ‎06-25-2020

Same Tenent --two EPG in different VRF --Unicast routing enabled, Advertise externally, Shared between VRF

PBR inserted for both the EPG

Endpoint A Tenant-A:VRF_1:EPG_1

Endpoint B Tenant-A:VRF_2:EPG_2

Endpoint C Tenant-A:VRF_2:EPG_2

EP A--> B is working fine traffic flow

EP A->FW1->ACI-GW->FW2-> EP B

EP A--> C is not working fine traffic flow

EP A->ACI-GW->*->*->*

traffic is not coming out correctly not even reaching the firewall, how to troubleshoot it any suggentions

Sergiu.Daniluk · ‎06-25-2020

Hi @deepakbalan

What is the difference between EP-A -> EP-B vs EP-A -> EP-C flows?

Example of differences:

+ EP-B is located on different leaf

+ EP-B and EP-C are in different subnets

Do you experience same problem if you use a different source other then EP-A to verify the redirects?

Can you also share a logical topology?

For troubleshooting you can start by installing ELAM assistant and verify what is the result of the packet forwarding on the first leaf:https://dcappcenter.cisco.com/elam-assistant.html

Regards,

Sergiu

deepakbalan · ‎06-27-2020

EP->B,C are in the same subnet but a different leaf, ,The problem got resolved after removing the VRF and adding the same.

Another issue APIC GUI data display

when user B configures the subnet in the BD, user A can't see the same in same APIC GUI, but can be see in CLI route as unicast routing is enabled(show ip route) , logged out and checked, browser cache cleared and still the same. how to fix it