Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
963
Views
0
Helpful
1
Replies

IPv6 between L3out and ASA interface

oyeniyifasoyinu
Level 1
Level 1

‎03-10-2023 01:21 PM

Hello,

I hope I can get some help. We have a project to deploy IPv6 on all environments in our data center. I am working on the ACI.

I created a separate interface profile off of the existing Node Profile for IPv4 to accommodate IPv6 L3out.

This is interconnected to an ASA interface with dual stack. A similar connectivity was also established from ACI L3out to a PALO firewall.

On the ASA instance, the interface connected to the active firewall lost connectivity to IPv4 and no ARP entry on the ACI. The secondary was ok but the firewall did not failover over so clients could not reach destination app resident on the ACI until the change was reverted.

On the PALO, both IPv4 and IPv6 addresses were responding to pings, ARP table had the correct IPv4 address and Mac but src/dst connectivity was lost until this change was rolled back.

This is happening only with firewalls connecting to the ACI. Firewall interfaces connecting to switches and ASRs did not exhibit any issues. 
Can you help?

It seems 

0 Helpful
1 Reply 1

abhjha2
Cisco Employee
Cisco Employee

‎03-22-2023 11:58 PM

Hi Oyeniyifasoyinu,
We might need more detail like topology, version running on ASA/PA so I would ask you to open a case with TAC so that detail investigation can be done from ACI configuration as well.
This issue might be seen with any flooded frame, not just ARP.
-----------------------------------------
If you find my reply solved your question or issue, kindly click the 'Accept as Solution' button and vote it as helpful.
You can also learn more about Cisco ACI through our live Ask the Experts (ATXs) session. Check out the ATXs Resources [https://community.cisco.com/t5/data-center-and-cloud-knowledge/cisco-aci-ask-the-experts-resources/ta-p/4394491] to view the latest schedule for upcoming sessions, as well as the useful references, e.g. online guides, FAQs.
-----------------------------------------

0 Helpful
Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License