I have found, possibly, a bit of an issue.
Our Cisco APIC use exclusively OOB management. In order to join the vCenter server to deploy magically the DVS, the APIC has no other choice but to use the OOB network.
However, the vCenter server is on a subnet 172.17.17.0/24 and the APIC is not able to reach it because, apparently, there is a docker interface inside that overlaps the network.
admin@APIC-1:~> ip route
default via 10.101.1.254 dev oobmgmt metric 16 <<<<<<<<<< OOB
10.50.0.0/16 via 10.50.0.30 dev bond0.3967 src 10.50.0.3
10.50.0.30 dev bond0.3967 scope link src 10.50.0.3
10.101.0.0/23 dev oobmgmt proto kernel scope link src 10.101.0.13
169.254.1.0/24 dev teplo-1 proto kernel scope link src 169.254.1.1
169.254.254.0/24 dev lxcbr0 proto kernel scope link src 169.254.254.254
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 >>>>>>>> Docker subnet thqt overlaps the vCenter IP
APIC-3-NXCAPE007R# ping 172.17.17.10 >>>>>>>>>>>>>> Try to ping the vCenter
PING 172.17.17.10 (172.17.17.10) 56(84) bytes of data.
From 172.17.0.1 icmp_seq=1 Destination Host Unreachable >>>>>>> The Docker Interface replies
From 172.17.0.1 icmp_seq=2 Destination Host Unreachable
From 172.17.0.1 icmp_seq=3 Destination Host Unreachable
From 172.17.0.1 icmp_seq=4 Destination Host Unreachable
What is this docker0 interface doing there?
Have you had this issue before?
Should I try to add static routes for the OOB to reach the vCenter properly via the OOB GW?
Can I shut down this docker0 interface?
Solved! Go to Solution.