Re: Service Node insertion using pbr on 5.2(3e)

guri shienh · ‎08-08-2023

I am testing out a basic two arm service node(Palo alto physical FW) insertion using L3 PBR. The Deployed graph instance shows the State as applied, but the endpoints are not getting installed in the leaf where firewall is connected. Topology is something like this-

All endpoints(including FW) are in same Tenant and VRF.

Leaf1--EPG1(BD1) --server

Leaf1---EPG2(BD2) --client

Leaf3--BD3----FW-----BD4---Leaf3 (2 arms)

If i check under Services >>L4-L7>>Deployed Graph Instances>>>"Deployed instance">>Function Node>"show usage" , I get an error saying that "target path cannot be identified......., please specify targeted path....". But the Function connectors show consumer and provider with encaps and class IDs .

The "show vlan extended" command on Leaf3, shows the vlans deployed, but "show endpoint vrf X" doesn't show the FW endpoint.

hemohemoh · ‎08-28-2023

hi @guri shienh !

I would suggest to check the configuration of your Service Node and ensure that all necessary parameters are correctly set. You may also want to verify that the target path is correctly specified and that there are no issues with the connectivity between the Service Node and the leaf where the firewall is connected.

Also, you mentioned that the “show vlan extended” command on Leaf3 shows the VLANs deployed, but “show endpoint vrf X” doesn’t show the FW endpoint. This could indicate an issue with the configuration of your VLANs or with the endpoint registration process. You may want to check your VLAN configuration and ensure that all necessary VLANs are correctly configured and deployed. Try to verify that the endpoint registration process is working correctly and that all necessary endpoints are being correctly registered.

Cheers!