Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
631
Views
3
Helpful
4
Replies

Blade server inter epg communication problem in Cisco ACI

Go to solution
sina.naser
Level 1
Level 1

‎05-14-2023 08:09 AM

Hi everyone

I've connected HPE Blade servers via VPC to Cisco ACI fabric leaves. In blade servers we have ESXi hosts and no vmm integration. The L3Out and intra epg communication is OK

But the inter EPG does not work when source and destination endpoint reside in one chassis.

When i add arp entry of destination in source workstation the problem was solved. I even tried the Flood unknown unicast and arp flood in BD but the problme didnt solve.

I appreciate any idea

Tnx in advance

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Robert Burns
Cisco Employee
Cisco Employee
In response to sina.naser

‎05-17-2023 05:30 AM

Typically with HP Syngery there are two options to make this work.  In addition to the BD Unknown Unicast being set to Flood mode, you need one of the following options:

1. Assign one EPG per BD (sounds like you have multiple)
or
2. Enable "Flood in Encap" on the BD

This is due to the fact that ACI is doing a form of VLAN bridging and HP doens't play nice with this.  You can find a full write up on these recommendations here: https://support.hpe.com/hpesc/public/docDisplay?docId=a00110372en_us

Robert

View solution in original post

4 Replies 4

Go to solution
RedNectar
VIP
VIP

‎05-14-2023 01:59 PM - edited ‎05-14-2023 02:01 PM

Hi @sina.naser ,

I have some questions

I've connected HPE Blade servers via VPC to Cisco ACI fabric leaves.

Can you show the output from the APIC CLI of the following command:

apic1# fabric <ID_of_1st_VPC_leaf>,<ID_of_2nd_VPC_leaf> show port-channel summary 

Highlight the rows where the HPE Blade servers are.

But the inter EPG does not work when source and destination endpoint reside in one chassis.

Do you mean when source and destination are in the SAME EPG or DIFFERENT EPGs?

Is the source and destination in the SAME subnet or DIFFERENT subnets?

Is there any switching performed on the HPE blade server chassis? If so, then if the source and destination in the SAME subnet, communication SHOULD be handled by the HPE switch and the packets never reach ACI anyway.

When i add arp entry of destination in source workstation the problem was solved.

Did you add an APP entry for a default gateway or for the target?

Tip for when pasting the output of the command above:

  1. Click the 3 dots in the formatting bar to expand the options and show the Paragraph formatting button
  2. Click Paragraph > Preformatted 
    • A space will open where you can enter stuff, but if you paste your command output here it won't work
  3. click HTML
  4. Now paste between the <pre></pre> tags to preserve spacing

 

 

RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.
0 Helpful

Go to solution
sina.naser
Level 1
Level 1
In response to RedNectar

‎05-14-2023 11:50 PM

Source and destination are in different EPGs (VLANs) and same subnet

I add arp entry of destination in source endpoint.

port-channels are fine in the output of show port-channel summary

The HPE blade server is Synergy. what kind of configuration must we do in synergy internal switch?

0 Helpful

Go to solution
RedNectar
VIP
VIP
In response to sina.naser

‎05-15-2023 02:13 PM

Hi @sina.naser ,

Can you then confirm that both EPGs have Flood in Encapsulation Disabled

RedNectar_0-1684184789044.png

Also check the Intra EPG Isolation and Preferred Group Member while you are there.  If Preferred Group Member is enabled, make sure it is ALSO enabled of the OTHER EPG AND on the VRF.

Once I have all the details, I'll go through a scenario of what should happen, but to do that I'll need to know if ARP flooding is Enabled or Disabled on the Bridge domain (it should work either way, but the way I tell the story will be different)

Oh - and I'll need to know if routing is enabled on the BD, A BIG screen dump like the one below should tell me

RedNectar_1-1684185185228.png

 

 

 

 

RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.

Go to solution
Robert Burns
Cisco Employee
Cisco Employee
In response to sina.naser

‎05-17-2023 05:30 AM

Typically with HP Syngery there are two options to make this work.  In addition to the BD Unknown Unicast being set to Flood mode, you need one of the following options:

1. Assign one EPG per BD (sounds like you have multiple)
or
2. Enable "Flood in Encap" on the BD

This is due to the fact that ACI is doing a form of VLAN bridging and HP doens't play nice with this.  You can find a full write up on these recommendations here: https://support.hpe.com/hpesc/public/docDisplay?docId=a00110372en_us

Robert

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License