Solved: Endpoints in same epg (same tenant/ VRF) have issue in communication - Page 2

Daps · ‎08-24-2019

My network topology is simple to understand.

ACI network configured as L2 OUT. Mapping of VLAN to BD is BD=EPG=VLAN.

Gateways of all the vlans are on firewall.

Servers are connected to cisco 3560 switches and switches connected to LEAF switches.

I am facing the issue like some of the End points in same EPG not communicated to each other. Tenants and VRF are same. BD is common for both the EPGs, with same subnet.

Diagram is attached with the post. Kindly share your suggestions.

Checked: STP (legacy l2 domain connected to LEAF), VLAN Pruning, EPG deployment, No firewall in between. MAC learning of laptop and server on both the L2 switches.

Daps · ‎09-04-2019

Hi,

ISsue resolved by disable unicast routing in BD.

Ref: https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-739989.html#_Toc529820929

Thanks

RedNectar · ‎09-04-2019

@Daps ,

Glad you got it figured out. The reference you gave explains why I was so persistant with asking if there was a firewall connected to the BD, but doesn't explain why you had the problem when you said

Today, what I did was , created 1 EPG and add both the server and laptop to that EPG. No firewall, no l2out. 1 server , 1 laptop, 2- L2 switches and 2 leafs.

That was the one that stumped me, and I don't believe the explanation in the reference explains that either. But the reference does explain what I was going to tell you if you'd confirmed there was a firewall attached.

Well Done!

RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.