Learning endpoints IP without subnet

Antonio Macia
Level 3

Hi,

 

Is it somehow possible for ACI to learn the endpoints' IPs when the BD does not have a subnet configured? Just enabling "Unicast routing"?

Thanks.


Sergiu.Daniluk
VIP Alumni

Yes. If unicast routing is enabled, even without configuring a subnet, the fabric will learn EP IP addresses.

BD Config:

bd.png

 

Learned Endpoints:

ep1.png

 

 

Regards,

Sergiu

Hi,

 

Mine are not displaying. My BD is configured in network-centric mode with BUM flood enabled, IP Data-plane learning enabled, and GARP detection enabled. But my virtual machines' IPs are not displaying. What am I missing?

 

Regards.

Hello,

 

Do you have Limit IP Learning To Subnet enabled? In your scenario, where you want to learn IP addresses in a BD with no SVI configured, this option needs to be disabled.

Also, if the EPs were learned while BD was in L2, it might take 1-2 minutes until EP is updated. If fabric is not in production, you can try to clear the endpoint table and force the re-learn.

 

Leaf563# clear system internal epm endpoint 
all        interface  local      rogue      vrf        
anycast    key        remote     vlan

Regards,

Sergiu

 

Hi @Sergiu.Daniluk ,

Your last statement needs a little qualification


Do you have Limit IP Learning To Subnet enabled? This needs to be disabled to have the IP addresses learned.

This is ONLY the case if the BD does not have an IP address assigned, or the IP address assigned has been configured with No Default SVI gateway.

I realise that in the context of the whole discussion, the reader might realise that the case in point is one where the BD does not have an IP address, but not everyone reads the whole discussion.

 

RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.

Good point. I will make an update to my reply to highlight the context.

Hi, 

 

The Limit IP Learning To Subnet is disabled as I don't have any IP address. I cleared the endpoint table as well and generated traffic again but still seeing only the MAC addresses. ACI should learn the IP addresses because the IP Data-Plane learning is enabled, right?

I'm running the version 4.2(3j)

 

Regards.

Hi @Antonio Macia 

 

This is getting interesting. Can you give us more details from your setup? The following ones in particular: screen capture with the cfg of BD, VRF, learned EP, the domain type you have, and what platform you have as Leaf.

 

Regards,

Sergiu

Hi @Sergiu.Daniluk ,

 

Thanks for your interest in this case. I've attached the screenshots requested. 

My deployment uses the N9K-C93180YC-FX and N9K-C93108TC-FX leafs.

Hi @Antonio Macia ,

Do you have Enforce Subnet Check disabled in the Fabric Wide Settings, and have you cleared the ARP cache on the VMs?

However, what you are trying to do is not best practice, and you may bring other problems. You should rethink what your real need is, as there may be another way to do it.

Remi Astruc

Hi,

 

I tried disabling the Enforce Subnet Check but still not displaying the IPs. I was trying to get IP visibility but after reviewing the caveats I will disable unicast routing for L2 BD.

 

Thanks.

 

 

Hello,


I looked at the shared captures, and the configuration looks indeed ok. As Remi mentioned, you can verify if you have the Enforce Subnet Check option disabled (System -> System Settings -> Fabric-Wide Settings).


Remi brings a good point here. You must be careful when having the IP addresses learned in a L2BD. In particular, the type of problems you may see are exemplified in "Figure 16. Why you need to disable Unicast Routing for L2BD" from the ACI Endpoint Learning Whitepaper: https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-739989.html


Can you give us more details why you need to see the IP addresses of the EPs in a L2 BD? Maybe we can find a better approach :-).

Cheers,
Sergiu

Hi @Sergiu.Daniluk ,

 

Thanks for pointing out this caveat. I will disable unicast routing in this case and leave MAC address learning only.

 

Regards.
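
Added example (not part of the thread and not Cisco code): a small audit that classifies bridge domains by the conditions discussed above, so that L2 BDs left with Unicast Routing enabled can be found and reviewed. The input is constructed sample data shaped like an APIC class query for `fvBD` with `fvSubnet` children; the attribute names are assumed to match the APIC object model, and the tenant, BD names and state labels are hypothetical.

```python
def _bd(name, route, limit, subnets=()):
    """Build one constructed fvBD record (sample data, not from a real fabric)."""
    kids = [{"fvSubnet": {"attributes": {"ip": ip, "ctrl": ctrl}}}
            for ip, ctrl in subnets]
    attrs = {"dn": f"uni/tn-demo/BD-{name}", "unicastRoute": route,
             "limitIpLearnToSubnets": limit}
    return {"fvBD": {"attributes": attrs, "children": kids}}

# Constructed sample: one routed BD and three BDs without a usable gateway.
SAMPLE = {"imdata": [
    _bd("routed", "yes", "yes", [("10.0.1.1/24", "nd")]),
    _bd("l2-clean", "no", "yes"),
    _bd("l2-learning", "yes", "no"),
    _bd("l2-limited", "yes", "yes", [("10.0.4.1/24", "no-default-gateway")]),
]}

def has_gateway(bd):
    """True if the BD has at least one subnet acting as a default SVI gateway."""
    for child in bd.get("children", []):
        attrs = child.get("fvSubnet", {}).get("attributes")
        if attrs and "no-default-gateway" not in attrs.get("ctrl", "").split(","):
            return True
    return False

def classify(bd):
    """Map a BD to one of four states used in this example (labels are ours)."""
    a = bd["attributes"]
    if a.get("unicastRoute") != "yes":
        return "mac-only"                      # L2 BD, MAC learning only
    if has_gateway(bd):
        return "routed"                        # normal L3 BD
    if a.get("limitIpLearnToSubnets") == "yes":
        return "no-gateway-ip-learning-limited"  # routing on, no gateway, limit on
    return "no-gateway-ip-learning"            # IPs learned in an L2 BD: review

def audit(response):
    """Return {BD dn: state} for every fvBD object in the response."""
    return {r["fvBD"]["attributes"]["dn"]: classify(r["fvBD"])
            for r in response.get("imdata", []) if "fvBD" in r}

if __name__ == "__main__":
    for dn, state in audit(SAMPLE).items():
        print(f"{state:32} {dn}")
```

BDs reported as `no-gateway-ip-learning` are the ones the whitepaper caveat applies to; the fabric-wide Enforce Subnet Check setting is not part of the BD object and has to be checked separately.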
