I have 4 Spine switches and 16 leaf switches in my ACI environment
Under the Fabric, below each node, (Spine or Leaf) I could see a number of tunnel Interfaces configured.
When I check the EPG Information of a specific server under the Fabric Inventory or via the Application Profile, I could see in the Interface column that the End Point is learnt via a VPC Interface or a Tunnel Interface.
When I checked in all the leaf and spine switches, I do not find the tunnel destination IP address to be configured anywhere. Please clarify on the tunnel interfaces, how they are configured and how to we check the communication between nodes via tunnels, why a MAC or End Point is getting learnt via the Tunnel
Secondly, I could see that in a VRF the same IP address is configured across leafs as a Default Gateway of various Bridged Domains. Why does it not create IP conflict of how does ACI handle this IP Conflict.
A few responses given my assumptions on what you are asking.
1. Assuming you are referring to the TEP (Tunnel Endpoint) addresses assigned to the leaves, those are assigned via DHCP from the APICS as the switch nodes are provisioned into the fabric via Fabric membership.
2. Depending on if you are using some integration with opflex, it may be possible to learn endpoints via tunnels as well as locally via some VPC or interface. It may also show as a tunnel learned endpoint if it is learned locally on another leaf node.
3. ACI spawns the SVI gateways (Pervasive Gateway) on all leaves that need it. Need for a gateway to be programmed on a leaf typically implies that some Endpoint has been learned within that EPG or some static binding exists on that leaf/path on that leaf.
Please reference the following articles for more information on "how":
Think of tunnel interfaces as a "next-hop" for reaching a specific destination. You can observe that tunnel interfaces are being used when issue the command "show endpoint ip <IP> or mac <MAC>", once obtained the tunnel interface, you can then find out the IP address via
"show interface tunnelx", and then issue "acidiag fnvread | grep <tunnel IP>" to find out which switch the tunnel IP is on. If it's a vPC IP address, you can do a moquery on APIC to find out which vPC pair the IP is picked up from, hence identify the switch.
Listen: https://smarturl.it/CCRS9E1 Follow us: https://twitter.com/ciscochampions
Join us for an informal discussion on why enterprise microservices architectures rely on open source service mesh, such as Istio, to secure, connect, obser...
From Vsphere Version 6.6 onwards Basic LACP is not supported, this post is to go through the steps required for the Enhanced LACP configuration when using VMM integration with ACI.
To configure Enhanced LACP please make su...
Listen: https://smarturl.it/CCRS8E50Follow us: https://twitter.com/ciscochampion Demystify your hybrid cloud network automation and operations. With its “one-view” presentation of all your hybrid cloud network sites, Cisco Nexus Dashboard enables IT opera...
※この はじめての Intersight Workload Optimizer / How To "Community" サイトで公開させていただいている情報は、Intersight Workload Optimizer に関わるナレッジを共有させて頂くことを目的としております。なるべく情報の正確性には努めてはおりますが、本 Community サイトで公開させて頂いている情報に基づいておこなわれた構成その他あらゆる設定に関してシスコとして一切の責任を持つことはできませんので、必ず公式なドキュメント、ガ...