Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1434
Views
5
Helpful
3
Replies

Routing between EPG in same VRF

Geir Sand-Strand
Level 1
Level 1

‎03-02-2020 03:23 AM

Hi

I must be missing something.  The case should be easy.

Running ACI in multipod, with 3 POD's.

In POD1 I have server1 connected to EPG1 and leaf201 with static port vlan 10 towards the server.

In POD1 I have EPG2 and leaf201 with static port vlan 20 configured.

In POD2 I have server2 connected to EPG2 and leaf401 with static port vlan 20 towards the server.

Both EPG's belong to the same Application profile in the same Tenant, and same VRF. 

I have configured vzAny in the VRF so traffic should run good between the EPG's.

EPG1=BD1=vlan10 (subnet 10.10.10.1/24 unicast routing enabled)

EPG2=BD2=vlan20 (subnet 10.10.20.1/24 unicast routing enabled)

show ip route vrf vrfTest shows both subnets, BD1 and BD2, on leaf 201

show ip route vrf vrfTest shows only subnets for BD2 on leaf401

 

Traffic between server1 and server2 is not working as I would expect.

 

If I deploy a static port on leaf401, both subnets shows up in the ip route vrf vrfTest.  And then then traffic seems to work properly.

 

What am I missing?

 

Br Geir

 

Labels:
0 Helpful
3 Replies 3

Geir Sand-Strand
Level 1
Level 1

‎03-02-2020 06:18 AM

It might be that we hit the bug https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvq25729

We have 4 similar types of the above problem.  2 out the the 4 seems to be fine.

We tried the work around and disable/enable unicast routing worked for 1 of 2.  The last one we removed the subnet, and then added it.  

Now all of the 4 seems to be working fine.

6askorobogatov
Level 1
Level 1

‎03-03-2020 12:53 PM

"I have configured vzAny in the VRF"   There is no such thing.Contract could be between 2 EPGs or EPG and VRF(vzany).

In you case you have no issue with the routing : all BDs are on teh same VRF and (presumably) have L3 interfaces. 

So, all you need to worry is security table. So, or you need to have a (1) contracts between  EPGs (using epg-epg or vzany) or (2 ) enable preferred group for VRF and include EPGs or (3) make VRF unrestricted.  

0 Helpful

Geir Sand-Strand
Level 1
Level 1
In response to 6askorobogatov

‎03-03-2020 10:40 PM

See that "vzany configured in the vrf" is inaccurate.  Meant contract under the vrf for all epg's in that vrf to be able to communitcate with each other, rather than having contracts for under each epg.

 

And the solution for us was to disbale/enable unicast routing for the BD for one of the BD's and delete/add subnet for the otehr.  This helped for both.

Now we see the subnets in the routing table under the vrf on the leaf's.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card

Save 25% on Day-2 Operations Add-On License