06-22-2020 11:04 AM
Hello guys,
I've got a couple questions with MSO Bridge Domain L2 stretch feature.
From my understanding, in legacy network - we used OTV to fulfill the requirement to encapsulate L2 traffic and carry them from local site A to other site B over OTV.
Earlier we have the command to verify and ensure that endpoints MAC addresses was carried over OTV by using 'show otv route' and we can know that those MAC addresses learned from local site (Site-A) or overlay site (Site-B).
Now with the coming of MSO, I found that in ACI EP Tracker we can verify endpoints' MAC Addresses that belongs to each site only. The Site-B's EP MAC is not searchable from Site-A EP Tracker.
I can only confirm the L2 Stretch is working by creating SVIs at leagcy switches on each site and doing ping across Site-A and B via stretched path.
Have you guys got any ideas on how to verify the MAC address over multisite?
Or can we check any outputs via Spines on each sites?
Thanks in advance.
06-25-2020 11:23 PM - edited 06-25-2020 11:24 PM
Since the ACI Multi-Site is using BGP EVPN to exchange ep information between sites, you can use the following commands on spine:
1. Verify that EVPN neighborship is up:
show bgp l2vpn evpn summary vrf overlay-1
2. Using the neighbors IP address, verify what EP info is received from the remote site:
show bgp l2vpn evpn neighbors <IP-ADDRESS> routes vrf overlay-1
Alternatively, you can also check the COOP table, but it will require some filtering:
show coop internal info ip-db
Stay safe,
Sergiu
08-03-2020 06:11 AM
Thanks for your answer. Since our fabric is running pure L2 BD, assuming that endpoint IP Addresses are not learned but only MAC Addresses instead. I've also found the CLI command can verify EP MAC is learned from remote site over EVPN or not.
Please correct me if I'm wrong.
show bgp l2vpn evpn <mac_addr> vrf overlay-1
>>> notice the Flags:
Flags: (0x00010a 00000000) on xmit-list, is not in rib/evpn >> meaning that it learned from LOCAL site
Flags: (0x00021a 0x00000a) on xmit-list, is in rib/evpn, is not in HW, is in l2rib msite shard, is in l2rib >>> specifies that it was learned from REMOTE site
Coming to the point, as there's CLI commands that can check EP information across sites, I'm not sure if there's anyway to check on APIC GUI in terms of user-friendly?
Thanks.
08-03-2020 11:40 AM
hello,
I am not entirely sure, and I do not have a lab ready for testing, but have you checked the Operational tab of stretched/shadow EPGs? I believe the EPs should be listed there even for remote sites.
Thank you,
Sergiu
08-07-2020 02:00 AM
@Sergiu.Daniluk wrote:have you checked the Operational tab of stretched/shadow EPGs?
I believe that would be available in newer version of APIC right?
Mine is running 4.2(1) but haven't got that option in Operational tab.
Thanks.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide