Hi Tomas,

Sure, I'll follow that. Thank you. Please find my answers below. 

• Are you using Static Bindings (Paths) on the EPG?

Yes, I am using static bindings.  referring to below document.

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/kb/b_KB_Deploying_EPG_on_Specific_Port.html

• What ACI firmware version are you running? (Assumption is that you are running 1.2(1i) or later)

I am using 1.0(3f).

• Please provide the output from the APIC CLI command "show epg <epg_name> detail".  Substitute your EPG Name with issue for <epg_name>.

I get the below output after executing that command

admin@apic1:WEB> show epg WEB
Unknow scope: epg WEB
admin@apic1:WEB>

• Please provide the output from the APIC CLI command "show bridge-domain <bd_name> detail". Substitute your BD Name (associated with EPG) with issue for <bd_name>.  Note: Since you are extending the L2 domain, the BD configuration should be configured to "flood",

I haven't created any BD, as my idea is deploy EPG on two leaf ports where switches are connected and make them communicate. not extending any L2 domain.

• Please provide "show lldp neighbors" from the leaf(s) and externally connected switches.

Leaf1# show lldp neighbors
Capability codes:
(R) Router, (B) Bridge, (T) Telephone, (C) DOCSIS Cable Device
(W) WLAN Access Point, (P) Repeater, (S) Station, (O) Other
Device ID Local Intf Hold-time Capability Port ID
apic1 Eth1/1 120 58:f3:9c:24:2e:67
apic2 Eth1/2 120 58:f3:9c:24:30:6f
apic3 Eth1/3 120 58:f3:9c:24:33:c9
switch Eth1/4 120 B Eth1/1
switch Eth1/5 120 B Eth1/2
switch Eth1/7 120 BR Eth1/1
Spine1 Eth1/49 120 BR Eth1/1
Spine2 Eth1/50 120 BR Eth2/1
Total entries displayed: 8

Switches are connected on leaf1 ports 1/4&1/7

• What are the intended VLANs to Trunk?

intended to use only one Vlan 200 and configured it as encap vlan-200 on both the ports.

• Are the connections single interface connections or VPC's?

Single interface connections.

• Is physical layer up on the connections between Leaf(s) ports and External Switches?

Yes.

• Are there any faults on the EPG?  If so, please provide the detailed information regarding those faults.

None.

Please let me know if you need any other data.

Since you are running 1.0, the APIC CLI commands will not work.  The iNXOS CLI commands introduced in 1.2.   So, please paste a screen shot from the static bindings screen of the EPG.

Thanks,

T. 

Hi Tomas,

Please find the attached screen shot of static bindings of EPG WEB.

Ramu,

You are trying to setup a "Trunk" to your external switches so you need to configure MODE "Tagged".  You have untagged right now.

T.

Hi Tomas,

I was using access mode on my end switches thinking that  the frames will go untagged and so i configured untagged on EPG binding. However, i changed it to tagged and trunk mode on my switches, but i am not able to ping. i am not sure what i am missing here. please find the attached screen shot and below  config from end switches.

Config from N5K-1:

==============

interface Ethernet1/1
switchport mode trunk

N5K-1# sh run int vlan 200

!Command: show running-config interface Vlan200
!Time: Tue Jun 15 04:59:13 2010

version 5.2(1)N1(4)

interface Vlan200
no shutdown
ip address 192.168.1.1/24

Config from N3K:

============

interface Ethernet1/1
switchport mode trunk

N3K# sh run int vlan 200

!Command: show running-config interface Vlan200
!Time: Tue Jan 5 05:02:46 2016

version 5.0(3)U3(2b)

interface Vlan200
no shutdown
ip address 192.168.1.2/24

N3K# ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1): 56 data bytes
Request 0 timed out
Request 1 timed out
Request 2 timed out
Request 3 timed out
Request 4 timed out

--- 192.168.1.1 ping statistics ---
5 packets transmitted, 0 packets received, 100.00% packet loss

For each interface on each External Switch you need:

interface Ethernet1/1
switchport mode trunk
switchport trunk allow vlan 200

Also, as I mentioned above.. Is flooding configured on the BD?

The EPG is associated with a BD.  Once you configure a BD and associate the EPG to the BD and configure the external switches to allow vlan 200, things shoould work as expected.

Cheers!

T.

Hi Tomas,

Yes, I have enabled the flooding on the BD. Please find the screen shot attached. 

Config on N3K:

N3K# sh run int eth1/1

!Command: show running-config interface Ethernet1/1
!Time: Wed Jan 6 08:09:17 2016

version 5.0(3)U3(2b)

interface Ethernet1/1
switchport mode trunk
switchport trunk allowed vlan 200

Config on N5K1:

interface Ethernet1/1
switchport mode trunk
switchport trunk allowed vlan 200

N5K-1# sh run int vlan 200

!Command: show running-config interface Vlan200
!Time: Wed Jun 16 08:07:18 2010

version 5.2(1)N1(4)

interface Vlan200
no shutdown
ip address 192.168.1.1/24

What else i might be missing? Do i have to create a Private network as well? I thought BD and Private network are not needed. 

Yes a VRF is needed.

Tenant-> VRF-> BD -> AP-> EPG

You may want to look at the ACI Fundamentals Guide:

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/aci-fundamentals/b_ACI-Fundamentals/b_ACI_Fundamentals_BigBook_preface_01101.html

Also, take a look at some of the Cisco Live Presentations and since you are internal, you have a valuable resource in the ACI Techzone Forum.

Cheers!

T.

Hi Tomas,

Thank you. 

I have upgraded my firmware from 1.0(3f) to 1.1(2k).

Now i have created VRF--BD--EPG however, I am unable to ping.

one more thing. I guess i don't have to use AEP to deploy vlan on leaf port as i am doing it through static binding . please correct me if i am wrong. 

Thanks,

Ramu.

attaching another output.

Hi Tomas,

I have configured the steps and the ping started working.

Step1: Created the vlan pool.

Step2:Created external bridge domain and associated it with the vlan pool created.

Step3: Created AEP and mapped it to the bridge domain.

Step4: Created the below switch profile following with interface profile, interface selector and interface policy.

Switch profile [l2-domain-sp1]----àInterface profile [l2-domain-intselector1]---à Interface selector [l2-domain-intsel] (I have selected  1/4, 1/7   as they belong to same node) ---à Interface policyGroup [l2-domain-IntPolGrp].

Step5: statically bind the interfaces to the EPG.

I have another idea of adding  my N5K2 which is connected to  leaf1 port 1/5 to EPG. So, All I have to do is edit the interface selector and add 1/5 in it and  bind the interface to EPG statically. So that I don’t have to create all the policies again.

But the problem I am facing is, I cannot edit the interface  profile and add 1/5 to interface selector. Do we have such option ?

Regards,

Ramu.