Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2295
Views
10
Helpful
2
Replies

ACI Routing Decision Logic

Go to solution
glezJos91986
Level 1
Level 1

‎08-03-2021 11:03 AM - edited ‎08-03-2021 11:06 AM

Hello Community,

I have been looking for information about the routing decision on ACI.

There are 3 lookup points:

1- Endpoint Table

2- RIB Table

3- ARP Table.

Basically a leaf switch will look for an endpoint on its database, if it is not found, then it tries its RIB table and finally the ARP table if needed. That's what I got, so far so good.

My struggle comes from the fact that also as per the documentation, when a leave switch does not know how to get to a destination, it sends the traffic to a spine (which in theory should know about all endpoints or try to "discover" them) and the spines forward the traffic then to the final leave. 

So:

Q1: When exactly in the 3 steps logic, does the leave send the traffic to the spine for lookup (COOP)?

Q2: If the leave uses the RIB info to route traffic to and endpoint, I guess that afterwards the leave will learn that endpoint and it wont have to get to the RIB next time it needs to send traffic to that endpoint? Is that how it works?

Q3: All routing decision are tied to VRFs as I understand, so for example if I ping an endpoint from a leave, which VRF am I using?

Thank you community team!

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Sergiu.Daniluk
VIP Alumni
VIP Alumni

‎08-04-2021 05:26 AM

Hi @glezJos91986 

The answer as usual, it depends, but here is a flowchart which can help you understand a bit the routing decision:

Screenshot 2021-08-04 100817.png

 

Q1: can be simply answered following the flowchart above. Just as an informative note, in the RIB the APIC will program the BD subnet as static route with next hop to Spine Proxy.

Q2: It depends. If you have enabled IP data-plane learning in the BD (enabled by default) then yes, the leaf will learn the source IP of the endpoint from data plane packets; otherwise, will learn local IPs are learned from ARP/GARP/ND via the control plane.

Q3: You must specify the VRF in which you are pinging:

 

Leaf201# show vrf 
 VRF-Name                           VRF-ID State    Reason                         
 SD:SD                                   7 Up       --                             
 black-hole                              3 Up       --                             
 overlay-1                               4 Up       --                             

Leaf201# iping -h
usage: iping    
<snip>
                 [ -V    <vrf-name>      name of the VRF through which destination is reachable ] 
</snip>

Leaf201# iping 10.1.1.1 -V SD:SD

 

 

Stay safe,

Sergiu

View solution in original post

2 Replies 2

Go to solution
Sergiu.Daniluk
VIP Alumni
VIP Alumni

‎08-04-2021 05:26 AM

Hi @glezJos91986 

The answer as usual, it depends, but here is a flowchart which can help you understand a bit the routing decision:

Screenshot 2021-08-04 100817.png

 

Q1: can be simply answered following the flowchart above. Just as an informative note, in the RIB the APIC will program the BD subnet as static route with next hop to Spine Proxy.

Q2: It depends. If you have enabled IP data-plane learning in the BD (enabled by default) then yes, the leaf will learn the source IP of the endpoint from data plane packets; otherwise, will learn local IPs are learned from ARP/GARP/ND via the control plane.

Q3: You must specify the VRF in which you are pinging:

 

Leaf201# show vrf 
 VRF-Name                           VRF-ID State    Reason                         
 SD:SD                                   7 Up       --                             
 black-hole                              3 Up       --                             
 overlay-1                               4 Up       --                             

Leaf201# iping -h
usage: iping    
<snip>
                 [ -V    <vrf-name>      name of the VRF through which destination is reachable ] 
</snip>

Leaf201# iping 10.1.1.1 -V SD:SD

 

 

Stay safe,

Sergiu

Go to solution
glezJos91986
Level 1
Level 1
In response to Sergiu.Daniluk

‎08-04-2021 07:38 PM - edited ‎08-04-2021 07:44 PM

Thank you @Sergiu.Daniluk, that flow chart clarified a lot the routing/forwarding decision, more than the "3 steps" process.

 

I actually had no idea that spine proxy can be used for both L2 and L3 decisions. For some reason I only though of it as the last resource for L2 forwarding decision.

Thank you for the answer !!

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card

Save 25% on Day-2 Operations Add-On License