Solved: L3Out node/interface profiles

AirBorn · ‎04-21-2022

Hi,

I have 2 firepower configured in active/standby mode to connect to 2 ACI Leaf switches ( see attached file) through two VPC links VPC-Pathe-1 & VPC-Path-2

the setup is for internal Network <--> DC communications only

OSPF is used

I have configured a L3out with one node profile wich contails 2 interface profile

- interface profile 1 :

- Path: VPC-Path-1

- VLAN=2010

- Side A Primary IP: 10.1.1.1/24

- Side B Primary IP: 10.1.1.2/24

- interface profile 2 :

- Path: VPC-Path-2

- VLAN=2010

- Side A Primary IP: 10.1.1.1/24

- Side B Primary IP: 10.1.1.2/24

When i configure interface profile 2 with he above parameters i get "ip address mismatch" error 400. i have also tested

- Interface profile 2 with different IP on the same subnet

- Adding VPC-Parh-2 to interface profile 1

i still get the error message

Cisco documentation says " configuring the same VLAN on two different Paths as an SVI is supported"

Does the above design not supported ? if yes what is the alternative design ?

Regards

AirBorn · ‎04-24-2022

Hi

It seems like there was a bug on the dcloud, the setup is working fine now.

Regards

View solution in original post

Francesco Molino · ‎04-21-2022

Hi

can you share the screenshot of apic when you’re configuring these IPs on the same interface profile for both paths?

This works and all setups with HA firewalls, this is the way to do it: SVI with same IPs on both paths.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

AirBorn · ‎04-24-2022

Hi

It seems like there was a bug on the dcloud, the setup is working fine now.

Regards