03-09-2018 12:28 PM - edited 03-01-2019 05:28 AM
Pretty new to ACI, although I've been reading up quite a lot on the concepts. I just got the controller and switches, but I'm having difficulty with basic l2 connectivity between hosts. I've got a domain, VLAN, AEP, EPG set up, and have assigned that EPG to ports. However, the devices cannot ping each other (they're both in the same EPG).
I looked under the switch interfaces and saw that they're out-of-service. I cannot for the life of me figure out a. what this means, b. where to go in order to find out what it means.
Any advice?
eth 1/1-2 are the interfaces I'm talking about. They're on both switches.
Port Name Status Vlan Duplex Speed Type
----------------------------------------------------------------------------------------------
 mgmt0 -- connected routed full 1G --
 Eth1/1 -- out-of-ser trunk full 10G 10Gbase-SR
 Eth1/2 -- out-of-ser trunk full 10G 10Gbase-SR
 Eth1/3 -- notconnect trunk full inherit 10Gbase-SR
 Eth1/4 -- notconnect trunk full inherit 10Gbase-SR
 
					
				
		
03-09-2018 12:33 PM
aswokei,
A port being in an "out-of-service" state implies that the port is up, however no policy has been applied to it.
YOu mentioned that access policies are in place and that there is some association to an EPG. What sort of association to the EPG is there (static binding/vmm domain?) and are any faults being flagged on the epg?
In general, if a port is out of service it is either because:
If you do have any faults, please let us know what they are as they tend to indicate what may be missing.
-Gabriel
03-09-2018 12:34 PM
When an interface is out-of-service it typically means it hasn't been programmed. You're likely missing some necessary policy of have a config error.
-Are there any Faults on the EPG?
-Are you trying to get two baremetal hosts to communicate or VMs?
The more details about your topology etc - the more it will help.
There's also a bunch of good videos that can help you with your training. https://learningnetwork.cisco.com/community/learning_center/aci-training-videos/videos
Robert
03-09-2018 01:04 PM
Sure. It looks like some of my EPGs aren't completely configured--I just can't make sense out of what the faults are telling me.
It looks like it's telling me I don't have a VLAN associated with the domain, or perhaps I don't have an interface associated with the domain. But I don't see how to do that? I created an interface profile, which refers to an AEP. I figured that's how you do it? I don't see a way to associate ports to a domain (is that via the EPG?)
I attached the APIC configuration to the post.
Two faults:
Domain: Tenant
Code: f0467
Type: config
Cause: configuration
Sample fault description: This fault occurs when the endpoint group is incompletely or incorrectly configured
Fault Code:
Code: F0523
Type: config
Cause: configuration
Sample fault description: This fault occurs when the endpoint group is incompletely or incorrectly configured
This fault occurs when the endpoint group is incompletely or incorrectly configured
F0523
minor
Last Transition:
2018-03-09T18:40:04.037+00:00
Lifecycle:
Raised
Affected Object:
topology/pod-1/node-101/local/svc-policyelem-id-0/uni/epp/fv-[uni/tn-testTen/ap-testAP/epg-testEPG]/node-101/stpathatt-[eth1/1]/nwissues
Description:
Fault delegate: Configuration failed for uni/tn-testTen/ap-testAP/epg-testEPG node 101 eth1/1 due to Invalid Path Configuration,Invalid VLAN Configuration, debug message: invalid-vlan: vlan-1611 :Either the EpG is not associated with a domain or the domain does not have this vlan assigned to it;invalid-path: Either the EpG is not associated with a domain or the domain does not have this interface assigned to it;
F0467
Severity:
minor
Last Transition:
2018-03-09T18:41:12.390+00:00
Lifecycle:
Raised
Affected Object:
topology/pod-1/node-102/local/svc-policyelem-id-0/uni/epp/fv-[uni/tn-testTen/ap-testAP/epg-testEPG]/node-102/stpathatt-[eth1/1]/nwissues
Description:
Configuration failed for uni/tn-testTen/ap-testAP/epg-testEPG node 102 eth1/1 due to Invalid Path Configuration,Invalid VLAN Configuration, debug message: invalid-vlan: vlan-1611 :Either the EpG is not associated with a domain or the domain does not have this vlan assigned to it;invalid-path: Either the EpG is not associated with a domain or the domain does not have this interface assigned to it;
Warning: fabric node and controller version mismatch! Please ensure the versions are compatible. More warnings...
Fault Properties
General
Troubleshooting
History
Properties
Fault Code:
F0523
Severity:
minor
Last Transition:
2018-03-09T08:27:12.185+00:00
Lifecycle:
Raised
Affected Object:
uni/tn-mgmt/mgmtp-default/oob-default
Description:
Configuration failed for EPG default due to Not Associated With Management Zone
04-27-2021 09:10 AM
Hi All ,
Did anybody encounter this problem , I was unable to join APIC 2 and 3 to the cluster.
04-08-2020 01:20 AM
Hello guys
I found this thread, so I will try to use it.
I have a slightly different problem, but the same out-of-service information on both SPines
(9364) for leaves I am connecting (93180YC) on both spines I have 2 interfaces oos, so it is systematic issue.
What could be the problem please?
Thank you
Leo
04-08-2020 01:57 AM
Disregard
Had the leaves booting up into NX OS...
Leo
 
					
				
				
			
		
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide