Constantly losing connectivity between endpoints in the same BD in ACI

kz-support
Level 1

Hello everyone

We have a problem in the ACI fabric with horizontal interaction between endpoints in the same bridge domain but in different EPGs, between which there are the necessary contracts. Conditionally, endpoints in EPG-1 (virtual machines in VMware; there is VMM integration in the fabric with VMware), when accessing endpoints in EPG-2, lose connection with them after a while. The EPG-1 endpoints have the Linux OS installed, and when access to the EPG-2 endpoints is unsuccessful, we receive the message "no route to host", and in the ARP records we see "incomplete" in the MAC address field (the MAC address of the bridge domain should be displayed, since the endpoints belong to EPG-2).

If you reconnect the network adapter on the problematic VM in EPG-1, the problem goes away for a while.

Here's the screen of BD settings

kzsupport_0-1747255675336.png

Could you help me resolve this issue?

1 Reply

AshSe
VIP

Hello @kz-support 

May I ask you a few questions:

  1. Can any VMs in EPG-1 communicate with any VMs in EPG-2? Or is it specific VMs that are having issues?
  2. Does the problem occur with all protocols (e.g., ping, TCP, UDP)?
  3. Can VMs in EPG-1 communicate with other VMs in the same EPG-1?
  4. Can VMs in EPG-2 communicate with other VMs in the same EPG-2?

I suggest you do ARP troubleshooting and address these questions:

  1. When the problem occurs, use tcpdump or Wireshark on the VM in EPG-1 to capture ARP requests and answer the following questions:
    • Do you see the ARP requests going out?
    • Do you see ARP replies coming back? If you don't see replies, it indicates an ARP resolution problem.
  2. Check the ARP table on the VM in EPG-1 with arp -a, and answer the questions below:
    • Is the MAC address for the gateway (bridge domain subnet) correct?
    • Is the MAC address for the destination VM in EPG-2 present and correct before the problem occurs?

The real concern is to figure out why the ARP entries are aging out in the first place, and with respect to that, answer the questions below:

  • Is there a network issue causing packet loss?
  • Is the VM in EPG-2 not responding to ARP requests for some reason?
  • Are there any firewalls or security policies that are blocking ARP traffic?

One more off-the-track troubleshooting suggestion:

Get two problematic VMs connected to the same ESXi host and on the same EPG. Check if they can communicate with each other.

HTH

AshSe
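
The ARP check suggested in the reply above, as an added example that is not part of the original thread: it pairs ARP requests with replies in saved `tcpdump -n arp` text output and lists `<incomplete>` entries from `arp -an`. All addresses, the interface name and the function names are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample of `tcpdump -n -i eth0 arp` output on the EPG-1 VM (not from the thread).
SAMPLE_CAPTURE = """\
10:15:01.000100 ARP, Request who-has 10.0.0.1 tell 10.0.0.11, length 28
10:15:01.000400 ARP, Reply 10.0.0.1 is-at 02:00:00:00:00:01, length 46
10:15:07.100000 ARP, Request who-has 10.0.0.22 tell 10.0.0.11, length 28
10:15:08.100000 ARP, Request who-has 10.0.0.22 tell 10.0.0.11, length 28
10:15:09.100000 ARP, Request who-has 10.0.0.22 tell 10.0.0.11, length 28
"""
# Constructed sample of `arp -an` output taken while the problem is present.
SAMPLE_ARP_TABLE = """\
? (10.0.0.1) at 02:00:00:00:00:01 [ether] on eth0
? (10.0.0.22) at <incomplete> on eth0
"""

REQ = re.compile(r"^(\S+) ARP, Request who-has (\S+)(?: \(\S+\))? tell (\S+),")
REP = re.compile(r"^(\S+) ARP, Reply (\S+) is-at ([0-9a-f:]{17}),")

def _ts(text):
    return datetime.strptime(text, "%H:%M:%S.%f")

def unanswered_requests(capture, local_ip, timeout=1.0):
    """Return {target_ip: count} of requests from local_ip with no reply within timeout seconds."""
    requests, replies = [], []
    for line in capture.splitlines():
        if m := REQ.match(line):
            if m.group(3) == local_ip:  # only requests this VM sent
                requests.append((_ts(m.group(1)), m.group(2)))
        elif m := REP.match(line):
            replies.append((_ts(m.group(1)), m.group(2)))
    window = timedelta(seconds=timeout)
    missing = {}
    for sent, target in requests:
        if not any(ip == target and sent <= got <= sent + window for got, ip in replies):
            missing[target] = missing.get(target, 0) + 1
    return missing

def incomplete_entries(arp_table):
    """Return the IPs whose neighbor entry is unresolved in `arp -an` output."""
    return re.findall(r"\((\S+)\) at <incomplete>", arp_table)

if __name__ == "__main__":
    print("unanswered:", unanswered_requests(SAMPLE_CAPTURE, "10.0.0.11"))
    print("incomplete:", incomplete_entries(SAMPLE_ARP_TABLE))
```

A target that appears in both results is one the VM keeps asking for and never gets an answer about, which separates an ARP resolution failure from a VM that is not sending requests at all.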
