03-07-2021 12:16 AM
Hi,
I have configured BD gateway with Unicast routing enabled but cannot ping gateway from the outside network but i can ping an endpoint learned under this BD
L3Out is configured and we can reach the endpoint but not the gateway
Anyone faced this issue
Regards
Rami
03-07-2021 01:44 AM
Hi @Rami Younis
Things to verify:
- BD subnet is externally advertised
- Contract between EPG and ExtEPG is configured
- External Subnet for External EPG is configured to contain the external subnet (either 0.0.0.0/0 or the specific external subnet)
Cheers,
Sergiu
03-07-2021 01:47 AM
all below already verified
- BD subnet is externally advertised. YES
- Contract between EPG and ExtEPG is configured. currently Policy control under VRF is "unenforced"
- External Subnet for External EPG is configured to contain the external subnet (either 0.0.0.0/0 or the specific external subnet) Yes for 0.0.0.0/0
03-07-2021 06:37 AM - edited 03-07-2021 06:37 AM
Are you able to reach your external endpoint from the BD SVI?
(from Border Leaf)
1. Get the VRF name
LEAF_1202# show vrf
<snip>
roberbur-tn:vrf1 57 Up --
<snip>
2. Confirm you see the external route to your device in your ACI vrf
LEAF_1202# show ip route ospf vrf roberbur-tn:vrf1
<snip>
192.168.10.0/24, ubest/mbest: 1/0 <<<< Route to External device
*via 10.1.1.2, eth1/3, [110/44], 06w04d, ospf-default, intra
<snip>
3. Ping from BD SVI to external device (BD SVI is 192.168.11.254)
LEAF_1202# iping -V roberbur-tn:vrf1 -S 192.168.11.254 192.168.10.135
PING 192.168.10.135 (192.168.10.135) from 192.168.11.254: 56 data bytes
64 bytes from 192.168.10.135: icmp_seq=0 ttl=63 time=0.384 ms
64 bytes from 192.168.10.135: icmp_seq=1 ttl=63 time=0.177 ms
<snip>
Robert
03-07-2021 11:35 PM
i can reach outside network from BD SVI as per the below output
Leaf-101# show ip route vrf TEST-tn:TEST-vrf
IP Route Table for VRF "TEST-tn:TEST-vrf"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
0.0.0.0/0, ubest/mbest: 2/0
*via 192.168.150.129, vlan31, [1/0], 03w04d, static
*via 192.168.150.113, vlan14, [1/0], 03w04d, static
Leaf-101#
Leaf-101# iping -V TEST-tn:TEST-vrf -S 172.16.206.1 192.168.150.113
PING 192.168.150.113 (192.168.150.113) from 172.16.206.1: 56 data bytes
64 bytes from 192.168.150.113: icmp_seq=0 ttl=64 time=0.791 ms
64 bytes from 192.168.150.113: icmp_seq=1 ttl=64 time=0.888 ms
64 bytes from 192.168.150.113: icmp_seq=2 ttl=64 time=0.862 ms
64 bytes from 192.168.150.113: icmp_seq=3 ttl=64 time=0.829 ms
64 bytes from 192.168.150.113: icmp_seq=4 ttl=64 time=0.781 ms
--- 192.168.150.113 ping statistics ---
5 packets transmitted, 5 packets received, 0.00% packet loss
round-trip min/avg/max = 0.781/0.83/0.888 ms
Leaf-101# show vrf TEST-tn:TEST-vrf
VRF-Name VRF-ID State Reason
TEST-tn:TEST-vrf 6 Up --
Leaf-101#
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide