Solved: HTTPS web page not loading - Page 2

LewisD1 · ‎12-08-2021

Hello All,

I am experiencing a weird issue in my Multipod ACI Deployment.

We will have 2 machines part of the same EPG/BD.

Machine 1 and Machine 2

Machine 1 is in Pod 1

Machine 2 is in Pod 2

From machine 1 we can ping, ssh, telnet and telnet on port 443 to machine 2 without issue. When we try to load machine 2 in a web browser on port 443 we just get this page cannot be displayed. If machine 1 and machine 2 are in the same pod it all works perfectly.

We are running version 5.2(3f)

We are not restricting Intra-EPG traffic

I have tried disabling VRF enforcement to rule that out but still the same.

I am drawing up a blank.

Thanks

LewisD1 · ‎12-09-2021

@Robert Burns

I kept digging i could not get anything past over 1450MTU. It turns out that the Subinterfaces of the IPN devices had the default MTU of 1500. All other interfaces has 9126. I have changes the sub interfaces which then brought everything into life.

You hit the nail on the head.

Thank you for your help.

Lewis

Robert Burns · ‎12-09-2021

Great to hear. Since telnet worked fine (lower payload) figured a full web connection would exhibit this symptom if there was fragmentation.

Cheers,

Robert

Sergiu.Daniluk · ‎12-09-2021

Since we are talking about unicast traffic (https), not sure why focus should be on mcast config in IPN.

@LewisD1 I would continue with the packet captures on ACI Leaf/Spines (use ELAM Assistant) and confirm first where the traffic is seen/not seen.

Since you already confirmed that the EP from Pod2 receives and responds, then continue with a captures in Pod2 (direction EP->Leaf->Spine, Source EP-Pod2 Destination EP-Pod1). Then make the same captures on Spines/Leafs in Pod1.

Cheers,

Sergiu