cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Ask the Expert-Phone migration
119
Views
5
Helpful
3
Replies
Highlighted
Participant

L3out and external EPG (l3extInstP)

Hi community,

I created various l3outs in my fabric including one in the infra tenant for mPod.

I want to automate everything to get rid of the CLI and GUI.

 

Everything works so far including the multipod, but I have the following errors in my fault log for each l3out interface id. The source is the external EPG (l3extinstP) under the l3outs:

Fault code: F0467

configuration-failed - Fault delegate: Configuration failed for uni/tn-infra/out-multipod/instP-EPG-L3OUT-MPOD-CORE node 101 eth1/65 due to Invalid Path Configuration, debug message: invalid-path: Either the EpG is not associated with a domain or the domain does not have this interface assigned to it;

 

So first things first:

The routed interfaces are configured under the l3out in the external interface profiles (l3extLIfP). So, from my understanding, there must not be any fabric/access  interface policy group for these kind of interfaces, right? The l3outs are assigned to the correct external domais.

3 REPLIES 3
Participant

Re: L3out and external EPG (l3extInstP)

Just to follow up. For the mPod L3out I'm obiously hitting CSCvh06474 / CSCvb46222
This doesn't explain the errors for the other (non-mPod) l3outs

Cisco Employee

Re: L3out and external EPG (l3extInstP)

For the non mPOD L3 outs you need all the access policies. The interface policy group will tie to an AAEP which will map to your L3 domain.

Participant

Re: L3out and external EPG (l3extInstP)

Hey micgarc2,

thanks for the explaination. I did this and got another error. My L3Out physical ports are trunks, consisting of routed sub-interfaces (muliple l3outs of different VRFs are using the same physical port...each VRF L3out has dedicated transit VLANs / typical firewall-on-a-stick design).

 

Fault delegate: Configuration failed for node <NODE-ID> due to Interface Configured as L3, debug message: port-configured-as-l3: Port has one or more layer3 sub-interfaces;

 

My Access Policy (infraAccPortGrp) just consists of a CDP and LLDP policy (both enabled) and the AEP, holding the l3 domain with the correct VLAN pool (containing the l3out transit VLAN IDs).

CreatePlease to create content
ask the Expert- Cisco's Branch Routing Portfolio