remote mac learning via l3out when packet is ARP traffic on L3out SVI

kumarH · ‎09-20-2019

I found below note in cisco white paper i.e 739989 - end point learning but unable to understand it.

"An exception exists for remote MAC address learning when a packet is incoming from L3Out to Cisco ACI. If ARP traffic is coming from an L3Out SVI rather than a routed-port sub-interface, ARP traffic is flooded to other leaf switches with the same L3Out SVI. This behavior could cause remote MAC address learning on another border leaf switch."

What is the meaning of other leaf switches here? doesn't he referring to border leaf?

and how the another border leaf switch will learn it?

Timothy Rothenberg · ‎09-21-2019

That caveat is specifically for the "scenario 2" in the whitepaper, which is remote endpoint learning through the dataplane with an incoming packet on an L3out. The default behavior of an ACI leaf is to not learn the MAC (or IP) of an endpoint if it is located on the L3out of another leaf; caching every IP/MAC would utilize an insane amount of resources and there's really no reason for it. This behavior is overridden in the case where you have an L3out SVI spanning multiple leafs: ARP traffic traffic is flooded to other (border) leafs that are part of that L3out SVI, which will trigger remote MAC learning on those other leafs.