Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2432
Views
10
Helpful
4
Replies

L3Out encap with sub-interface

Go to solution
Jeremy Dubrulle
Level 1
Level 1

‎01-21-2021 09:35 AM

Hi!

 

I see in the documentation that when we have 1 L3out with 2 nodes with each an SVI connected to a different router, a shared BD is created between the nodes (https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/guide-c07-743150.html#L3Outstaticroutes). I put the picture I'm interested in in the attachment.

 

I don't understand how it works with subinterfaces. I have 1 L3Out, 2 nodes, 1 external router.

One subif on the first leaf is connected to the router with encap 21 and another subif is also connected to the router with same encap 21. There is also an encap-21 for another leaf to the same router.

What does this mean ?

I provide you the xml lines to understand better.

 

 

<l3extRsPathL3OutAtt addr="10.3.239.24/31" annotation="" autostate="disabled" descr="" encap="vlan-21" encapScope="local" ifInstT="sub-interface" ipv6Dad="enabled" llAddr="::" mac="00:22:BD:F8:19:FF" mode="regular" mtu="1500" tDn="topology/pod-2/paths-2425/pathep-[eth1/30/1]" targetDscp="unspecified"/>
<l3extRsPathL3OutAtt addr="10.3.239.30/31" annotation="" autostate="disabled" descr="" encap="vlan-21" encapScope="local" ifInstT="sub-interface" ipv6Dad="enabled" llAddr="::" mac="00:22:BD:F8:19:FF" mode="regular" mtu="1500" tDn="topology/pod-2/paths-2415/pathep-[eth1/30/2]" targetDscp="unspecified"/>
<l3extRsPathL3OutAtt addr="10.3.239.32/31" annotation="" autostate="disabled" descr="" encap="vlan-21" encapScope="local" ifInstT="sub-interface" ipv6Dad="enabled" llAddr="::" mac="00:22:BD:F8:19:FF" mode="regular" mtu="1500" tDn="topology/pod-2/paths-2425/pathep-[eth1/30/2]" targetDscp="unspecified"/>
<l3extRsPathL3OutAtt addr="10.3.239.22/31" annotation="" autostate="disabled" descr="" encap="vlan-21" encapScope="local" ifInstT="sub-interface" ipv6Dad="enabled" llAddr="::" mac="00:22:BD:F8:19:FF" mode="regular" mtu="1500" tDn="topology/pod-2/paths-2415/pathep-[eth1/30/1]" targetDscp="unspecified"/>
Labels:
Preview file
498 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Sergiu.Daniluk
VIP Alumni
VIP Alumni

‎01-21-2021 10:14 AM - edited ‎01-21-2021 10:15 AM

Hi @Jeremy Dubrulle 

So based on the config, you have something like this:

Screenshot 2021-01-21 201206.png

 

If the question is "are the L3 subinterfaces part of the same broadcast domain/internal bridge domain?" the answer should be no. The reason for this is because the parent interface is L3 interface (no switchport), so the broadcast domain ends on the physical port.

This is just my presumption without any testing, but I would be surprised to see the broadcast domain being extended between subinterfaces, regardless of having same encapsulation type.

However, even if the flood domain is extended between the interfaces, the L3 Subnets are different so it wouldn't matter too much, right?

 

Cheers,

Sergiu

View solution in original post

4 Replies 4

Go to solution
Sergiu.Daniluk
VIP Alumni
VIP Alumni

‎01-21-2021 10:14 AM - edited ‎01-21-2021 10:15 AM

Hi @Jeremy Dubrulle 

So based on the config, you have something like this:

Screenshot 2021-01-21 201206.png

 

If the question is "are the L3 subinterfaces part of the same broadcast domain/internal bridge domain?" the answer should be no. The reason for this is because the parent interface is L3 interface (no switchport), so the broadcast domain ends on the physical port.

This is just my presumption without any testing, but I would be surprised to see the broadcast domain being extended between subinterfaces, regardless of having same encapsulation type.

However, even if the flood domain is extended between the interfaces, the L3 Subnets are different so it wouldn't matter too much, right?

 

Cheers,

Sergiu

Go to solution
Jeremy Dubrulle
Level 1
Level 1
In response to Sergiu.Daniluk

‎01-21-2021 11:51 PM

Hi Sergiu,

 

Thank you for your answer.

 

Yes it seems like it can't be part of an extended broadcast domain between the subinterfaces. I was wondering if there was some consideration behind the fact that the same encap is used. You mean that it has no signification and it is like having different encap because we are using subif ? I was thinking if the encap had a port or switch significance but I guess as you said it is L3 routed port and it has no importance.

 

Thanks!

 

Jérémy

0 Helpful

Go to solution
RedNectar
VIP
VIP
In response to Jeremy Dubrulle

‎01-22-2021 03:09 AM

Hi @Jeremy Dubrulle ,

I'm not quite sure what you are TRYING to achieve, BUT

If you WANT an internal BD to be created between two leaves you must:

  1. Use SVI interfaces (NOT sub-interfaces)
  2. Define both nodes under the same L3Out and same Node Profile (actually, you may not NEED to use the same Node profile, but it would be a good idea)

However, your use of /31 addresses makes me think that you want to set up point-to-point links, in which case you'd want a different VLAN for each link.

@Sergiu.Daniluk's comments are right on target - 

  • Given your configuration and subnetting, it would make no difference if the two sub-interfaces shard a BD - so what are you trying to achive? 

One final point though, if you WANTED to see if the two VLAN 31s on the same leaf are on the same broadcast domain, issue this command:

fabric 2415,2425 show vlan extended

and check what the internal vlan mapping is on each port.

RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.

Go to solution
Jeremy Dubrulle
Level 1
Level 1
In response to RedNectar

‎01-24-2021 03:02 PM

Hi Chris,

 

Thanks for your explanation.

 

In fact that is an architecture I've seen but I can't ask why it has been done like that to the customer. So I try to understand what it could mean

 

I've understood that the answer to my interrogation is probably that in the interface policy group, the vlan scope is local to the port and that's it. There is no special behavior for subif with same encap between nodes.

 

Thank you guys!

 

Jérémy

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License