cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
392
Views
0
Helpful
5
Replies
Highlighted

ACI multiple L3outs on same Leaf

Hello,

 

I have configured 2 different L3outs with interfaces on the same leafs. 

However, all routes that should be advertised only to the first L3out are being advertised also to the second one without adding it to the associated L3 in the bridge domain.

I  believe that this problem is happening since the ospf process on the leafs is the same for both L3outs.

How can i solve this issue

Everyone's tags (4)
5 REPLIES 5
Beginner

Re: ACI multiple L3outs on same Leaf

Hello Ziad,

When you say "advertised to the L3out", do you mean advertised from the L3out towards the external device?

Are your both L3out part of the same VRF?

 

Remi Astruc

 

Re: ACI multiple L3outs on same Leaf

Yes, when i say advertised to the L3out I mean the subnet on the bridge domain that is being advertised from the L3out to the external device.

Both L3outs are in the same VRF

Beginner

Re: ACI multiple L3outs on same Leaf

Hello,

So it works as expected when using OSPF in ACI.

Here is the document:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/2-x/L3_config/b_Cisco_APIC_Layer_3_Configuration_Guide/b_Cisco_APIC_Layer_3_Configuration_Guide_chapter_011.html#id_66753

Bridge domain route advertisement For OSPF and EIGRP

When both OSPF and EIGRP are enabled on the same VRF on a node and if the bridge domain subnets are advertised out of one of the L3Outs, it will also get advertised out of the protocol enabled on the other L3Out.

For OSPF and EIGRP, the bridge domain route advertisement is per VRF and not per L3Out. The same behavior is expected when multiple OSPF L3Outs (for multiple areas) are enabled on the same VRF and node. In this case, the bridge domain route will be advertised out of all the areas, if it is enabled on one of them.

 

Remi Astruc

 

Rising star

Re: ACI multiple L3outs on same Leaf

Hi @Ziad El Achkouty ,

 

Let me point you to a previous answer I gave about L3 Outs: https://community.cisco.com/t5/application-centric/l3out-vrf-loopback-ip-error/td-p/3797933

The point is, L3Outs are confusing.  Teach yourself to believe that there is no such thing as a L3 Out - just leaf switches that are routers.  So if you have two interfaces in the same VRF on the same router, routes will be learned and advertised from one to the other, although if using BGP you can tweak this a little.

So the thing to ask is, "Is the route advertising causing a problem". If not, you don't have a problem.  You can control what traffic goes THROUGH the router easily with contracts and live with the routes being advertised, like you probabaly would on a normal router.

 

RedNectar
aka Chris Welsh


Don't forget to mark answers as correct if it solves your problem. This helps others find the correct answer if they search for the same problem

Beginner

Re: ACI multiple L3outs on same Leaf

You can have more control if you advertised the routes via a route map created on the L3out instead of associating the L3out to the BD.

This will also give you more control if you need to summarize routes.

CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards