03-01-2022 12:39 PM
Hi folks,
OK. I know I can run the following command agains a leaf to find the Spine anycast proxy addresses,
apic1# fabric 2202 show isis dteps vrf overlay-1 ---------------------------------------------------------------- Node 2202 (Leaf2202) ---------------------------------------------------------------- IS-IS Dynamic Tunnel End Point (DTEP) database: DTEP-Address Role Encapsulation Type 10.2.16.65 SPINE N/A PHYSICAL 10.2.0.65 SPINE N/A PHYSICAL,PROXY-ACAST-V4 10.2.0.67 SPINE N/A PHYSICAL,PROXY-ACAST-MAC 10.2.0.66 SPINE N/A PHYSICAL,PROXY-ACAST-V6 10.2.16.64 LEAF N/A PHYSICAL 10.2.0.64 LEAF N/A PHYSICAL
And I know that I can visit the Fabric > Inventory >> Pod 1 > Leafxxxx > Interfaces > Tunnel Interfaces to see which tunnel interfaces have the Proxy as a target, THEN double click on each one to find the IP address...
BUT
both these methods are clumsy.
Ideally I'd like to query a spine rather than a leaf - it seems a bit silly to be asking a leaf about an address on a spine. I would have thought that there would be a way of extracting this information from a spine. Asking a leaf is a bit like asking my wife for my phone number. You'll get the right answer, but it's one step removed from the source.
Anyhow - happy to hear any suggestions. Even other CLI commands that I could use - hopefully simpler and more elegant than
moquery -c tunnelIf | egrep "^type|^dest"
Solved! Go to Solution.
03-02-2022 05:04 AM
Chris,
You'll be hard pressed to easily gathering these addresses from the UI. Your best shot is the CLI/API.
What about:
fabric [node] show ip interface vrf overlay-1 | egrep -A 1 "anycast"
See if that gets you any closer to your goal.
Robert
03-02-2022 06:34 AM - edited 03-02-2022 06:36 AM
Hi Chris,
You can also play with moquery options to find the anycast IP:
apic3# moquery -c ipv4If -f 'ipv4.If.mode=="anycast-mac"' -x 'rsp-subtree=children' | egrep "addr" | grep dn dn : topology/pod-1/node-101/sys/ipv4/inst/dom-overlay-1/if-[lo11]/addr-[10.0.168.64/32] apic3# moquery -c ipv4If -f 'ipv4.If.mode=="anycast-v4"' -x 'rsp-subtree=children' | egrep "addr" | grep dn dn : topology/pod-1/node-101/sys/ipv4/inst/dom-overlay-1/if-[lo13]/addr-[10.0.168.66/32]
Not the most elegant command (compared with the `show ip interface`), but it works.
Stay safe,
Sergiu
03-02-2022 05:04 AM
Chris,
You'll be hard pressed to easily gathering these addresses from the UI. Your best shot is the CLI/API.
What about:
fabric [node] show ip interface vrf overlay-1 | egrep -A 1 "anycast"
See if that gets you any closer to your goal.
Robert
03-02-2022 06:34 AM - edited 03-02-2022 06:36 AM
Hi Chris,
You can also play with moquery options to find the anycast IP:
apic3# moquery -c ipv4If -f 'ipv4.If.mode=="anycast-mac"' -x 'rsp-subtree=children' | egrep "addr" | grep dn dn : topology/pod-1/node-101/sys/ipv4/inst/dom-overlay-1/if-[lo11]/addr-[10.0.168.64/32] apic3# moquery -c ipv4If -f 'ipv4.If.mode=="anycast-v4"' -x 'rsp-subtree=children' | egrep "addr" | grep dn dn : topology/pod-1/node-101/sys/ipv4/inst/dom-overlay-1/if-[lo13]/addr-[10.0.168.66/32]
Not the most elegant command (compared with the `show ip interface`), but it works.
Stay safe,
Sergiu
03-02-2022 08:35 PM - edited 03-02-2022 08:35 PM
Hey - thanks so much to @Robert Burns and @Sergiu.Daniluk for your fantastic contributions! I'm sure I've wasted half your day, and I'm pretty confident that after having such gurus as you two digging around the answer to
Is there an easy way to see the Proxy Anycast addresses from the APIC?
is... It depends. If your internal geek-meter pitches either of the above suggestions at the "easy" level, then yes.
Unfortunately, even though I think I have a pretty extreme internal geek-meter, I reckon for something to be "easy", it needs to be
I doubt I'll get a better answer, so I'll have to concede that this is as good as I'm going to get. Might be a good starting point for a bit of a python programming challenge.
03-03-2022 04:56 AM
Out of curiosity, what's the use case for needing/using these IPs? As these IPs wont really change once allocated, you would collect them once, and document/archive it. Where I agree it could be easier, it's also information most customers will rarely use. It's a balance of information overload vs. showing what's necessary/commonly used.
Robert
03-03-2022 01:19 PM
Hi @Robert Burns ,
Well, I guess I'm a bit of an unusual user because I'm an instructor.
The time I wish that there was a more straightforward way is when I'm explaining the routing table.
apic1# fabric 2201 show ip route vrf Tenant01:Production_VRF ---------------------------------------------------------------- Node 2201 (Leaf2201) ---------------------------------------------------------------- <snip> 10.200.0.5/32, ubest/mbest: 1/0, attached, direct, pervasive *via 10.2.0.65%overlay-1, [1/0], 2d13h, static, rwVnid: vxlan-2523136 10.201.11.0/24, ubest/mbest: 1/0, attached, direct, pervasive *via 10.2.0.65%overlay-1, [1/0], 2d14h, static, tag 4294967294 10.201.11.1/32, ubest/mbest: 1/0, attached, pervasive *via 10.201.11.1, vlan20, [0/0], 2d14h, local, local 10.201.12.0/24, ubest/mbest: 1/0, attached, direct, pervasive *via 10.2.0.65%overlay-1, [1/0], 2d14h, static, tag 4294967294
I use this table as a jumping point to explain that the "send to poxy" action is really just a routing decision. But to follow it up, I'd like a simple way of saying
See - the next hop of 10.2.0.65 is the IPv4 Anycast Proxy address as you can see here....
but following that statement with
fabric 2201 show isis dteps vrf overlay-1
even if it gives the answer, just raises a whole lot of unwanted unrelated questions,
"What's isis got to do with it?"
"What's a dtep?"
And inevitably
"Where can I see the Anycast addresses in the GUI?"
"Isn't there an easier way to see this?"
So my motivation is indeed entirely selfish. But also I like to be able to paint Cisco in a positive light and give an answer to such questions, so I thought I'd ask here.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide