Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2546
Views
15
Helpful
3
Replies

ACI endpoint issue

Pawan Raut
Level 4
Level 4

‎12-09-2020 12:48 AM

I have connected the VMware on one of the leaf switches let say switch 6. I can see the endpoint mac address on leaf 6 from one of the physical ports but I don't see the mac address of that endpoint on leaf1 which is a border leaf connecting L2 external network.

 

what could be an issue any hint?

3 Replies 3

Sergiu.Daniluk
VIP Alumni
VIP Alumni

‎01-18-2021 01:58 AM - edited ‎01-18-2021 01:59 AM

Hi @Pawan Raut 

You do not learn the Remote MAC because one of the two scenarios:

1. There is traffic with that SMC being sent to the border leaf

2. You have disabled the "Endpoint Data Plane Learning" on BD.

 

Of course, there is also the possibility to encounter a bug, but I would suggest first to verify scenario #1 or #2.

 

Stay safe,

Sergiu

0 Helpful

RedNectar
VIP
VIP

‎01-18-2021 11:54 AM

Hi @Pawan Raut ,

I think Sergiu had the right answer in his head, but it got garbled (possibly auto-correct played a part too)

The two scenarios he suggested SHOULD have read:

  1. There is NO traffic with that MAC being sent to the border leaf
  2. You have disabled the "Endpoint Data Plane Learning" on BD.

Let me explain #1 a bit more - hopefully interpreting "I have connected the VMware on one of the leaf switches" correctly.

Firstly, I'll assume you mean that you have connected an ESXi Host to one of the leaf switches rather than the VMware vCenter management platform. (Sorry to be pedantic, but it matters)

Now that ESXi host will have a MAC address associated with the port that is connected - you rarely see any traffic from this MAC address, and if you do it is likely to be control packet of some kind such as an LACP multicast. You would not expect to see this MAC address on any other leaf because the ESXi host does not send traffic sourced with this MAC (unless it is assigned a vmk interface for say vmotion purposes)

The other (more likely) possibility is that you see MAC addresses that belong to the guest VMs that are hosted on that ESXi Host.  And this is where #1 really comes into play.

You will see the MAC address of that VM on the leaf that the VM is attached to, and any other leaf that if has layer 2 communication with - JUST LIKE ANY OTHER L2 topology - the difference being that that VM's broadcasts may not be flooded to (in your case) the border leaf.

So, what you need to investigate is whether the MAC address in question has any reason to communicate at layer2 with any device on the border leaf. If it doesn't, then you are seeing exactly what you should expect to see.

 

RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.

Sergiu.Daniluk
VIP Alumni
VIP Alumni
In response to RedNectar

‎01-18-2021 12:38 PM

Hi Chris,

That's exactly what I wanted to write: "NO traffic with that MAC being sent to the border leaf". 

But I have an excuse for my typos: sometimes I think ahead of what I want to write and when I actually type I forgot some words, and also I have fat fingers  

 

Thanks,

Sergiu

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License