Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
652
Views
1
Helpful
5
Replies

BD subnet not advertised on l3out

Go to solution
funnelbeaker
Level 1
Level 1

‎01-12-2025 11:39 PM

We have an issue I can't really grasp. We are trying to advertise a BD subnet over BGP on a l3out. The BD is set to "Advertise externally" and it's associated with the correct l3out (also tried to create an external EPG on the l3out and export the subnet).

L3out is in common tenant and BD in a separate tenant but both tied to a VRF in common tenant.

What I believe is the issue is that the l3out is connected in leaf101 but the endpoint is in leaf 104 because I can see the route for the subnet in leaf104 but not in 101. So I'm guessing that the l3out won't advertise the subnet since it doesn't see it in it's routing table.

But shouldn't ACI install the route in leaf 101 when I associate the BD to the l3out terminating in leaf101?

Thanks for any help / suggestions.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
funnelbeaker
Level 1
Level 1

‎01-13-2025 07:22 AM

Alright, this falls under the subject: RTFM And of course mr. ACI - aka. RedNectar had the right idea of having a contract in place

It's crystal-clear in the "ACI Fabric L3Out White Paper": L3out White paper 

"If the BD happens to be deployed on the same border leaf, the redistribution happens via the route-map rule, and it will be advertised. However, that is usually not the case. Please remember that BD subnets are not distributed via MP-BGP, which is only for external routes. A contract between an EPG in the BD and the L3Out is required. Once the contract is configured, APIC knows the L3Out needs to talk to someone in the BD and installs the BD subnet on the border leaf switches. Then the redistribution happens with the route map mentioned above. Users typically do not need to pay attention to these details because a contract is required anyway to allow the traffic."

I hope this might help anyone else with the same issue.

View solution in original post

5 Replies 5

Go to solution
funnelbeaker
Level 1
Level 1

‎01-13-2025 01:13 AM - edited ‎01-13-2025 04:57 AM

Attaching a drawing that might help...

funnelbeaker_0-1736773048583.png

 

0 Helpful

Go to solution
RedNectar
VIP Alumni
VIP Alumni
In response to funnelbeaker

‎01-13-2025 03:14 AM - edited ‎01-13-2025 03:16 AM

Hi @funnelbeaker ,

What exactly do you mean by "it's associated with the correct l3out "  you say 

"The BD is set to "Advertise externally" and it's associated with the correct l3out "

Because there are so many places in the BD that "look" like associating a BD to a L3Out.

Can you confirm that you mean something like this?

 

RedNectar_0-1736766808851.png

BTW - good idea to resize your digram to full width

Also validate that there is a contract in place between the Ll3EPG and an EPG linked to the subnet that you want advertised.

 

RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.
0 Helpful

Go to solution
funnelbeaker
Level 1
Level 1
In response to RedNectar

‎01-13-2025 04:33 AM

Hi @RedNectar, thanks for your answer. That's correct, that is where it's associated. I may be incorrect but I don't think there needs to be a contract in place to just get the routes advertised? To actually get traffic passing for sure we need a contract.

Theoretically, do you know what happens when you do that association to a L3out. Wouldn't it be logical that the route for the BD-subnet gets installed on the leafs that are part in the BGP-peering?

0 Helpful

Go to solution
funnelbeaker
Level 1
Level 1

‎01-13-2025 07:22 AM

Alright, this falls under the subject: RTFM And of course mr. ACI - aka. RedNectar had the right idea of having a contract in place

It's crystal-clear in the "ACI Fabric L3Out White Paper": L3out White paper 

"If the BD happens to be deployed on the same border leaf, the redistribution happens via the route-map rule, and it will be advertised. However, that is usually not the case. Please remember that BD subnets are not distributed via MP-BGP, which is only for external routes. A contract between an EPG in the BD and the L3Out is required. Once the contract is configured, APIC knows the L3Out needs to talk to someone in the BD and installs the BD subnet on the border leaf switches. Then the redistribution happens with the route map mentioned above. Users typically do not need to pay attention to these details because a contract is required anyway to allow the traffic."

I hope this might help anyone else with the same issue.

Go to solution
RedNectar
VIP Alumni
VIP Alumni
In response to funnelbeaker

‎01-13-2025 11:55 AM

Hi @funnelbeaker ,

Glad you got it sorted - I was about to hit the sack last night when I answered that and didn't give it 100%. I was thinking of putting a reference to that white paper in - it's a great white paper - but was too lazy (or too tired).

The "do I need a contract?" question is interesting. Although the white paper and all the BRKACI (BRKACI-3101 is my favourite) say that a contract is needed, you'll find that sometimes a route will be advertised before a contract is deployed. C'est la vie ACI

RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.
0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card

Save 25% on Day-2 Operations Add-On License