Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1430
Views
0
Helpful
4
Replies

Unable to ping BD Gateway ACI

Rami Younis
Level 1
Level 1

‎03-07-2021 12:16 AM

Hi,

 

I have configured BD gateway with Unicast routing enabled but cannot ping gateway from the outside network but i can ping an endpoint learned under this BD

 

L3Out is configured and we can reach the endpoint but not the gateway

 

Anyone faced this issue

 

Regards

Rami

Labels:
0 Helpful
4 Replies 4

Sergiu.Daniluk
VIP Alumni
VIP Alumni

‎03-07-2021 01:44 AM

Hi @Rami Younis 

Things to verify:

- BD subnet is externally advertised

- Contract between EPG and ExtEPG is configured

- External Subnet for External EPG is configured to contain the external subnet (either 0.0.0.0/0 or the specific external subnet)

 

Cheers,

Sergiu

0 Helpful

Rami Younis
Level 1
Level 1
In response to Sergiu.Daniluk

‎03-07-2021 01:47 AM

Hi @Sergiu.Daniluk 

 

all below already verified

 

- BD subnet is externally advertised. YES

- Contract between EPG and ExtEPG is configured. currently Policy control under VRF is "unenforced"

- External Subnet for External EPG is configured to contain the external subnet (either 0.0.0.0/0 or the specific external subnet) Yes for 0.0.0.0/0

0 Helpful

Robert Burns
Cisco Employee
Cisco Employee
In response to Rami Younis

‎03-07-2021 06:37 AM - edited ‎03-07-2021 06:37 AM

Are you able to reach your external endpoint from the BD SVI?

(from Border Leaf)

1.  Get the VRF name

LEAF_1202# show vrf

<snip>
roberbur-tn:vrf1 57 Up --

<snip>

2. Confirm you see the external route to your device in your ACI vrf

LEAF_1202# show ip route ospf vrf roberbur-tn:vrf1

<snip>
192.168.10.0/24, ubest/mbest: 1/0     <<<< Route to External device
*via 10.1.1.2, eth1/3, [110/44], 06w04d, ospf-default, intra

<snip>

3. Ping from BD SVI to external device (BD SVI is 192.168.11.254)

LEAF_1202# iping -V roberbur-tn:vrf1 -S 192.168.11.254 192.168.10.135
PING 192.168.10.135 (192.168.10.135) from 192.168.11.254: 56 data bytes
64 bytes from 192.168.10.135: icmp_seq=0 ttl=63 time=0.384 ms
64 bytes from 192.168.10.135: icmp_seq=1 ttl=63 time=0.177 ms

<snip>

Robert

0 Helpful

Rami Younis
Level 1
Level 1
In response to Robert Burns

‎03-07-2021 11:35 PM

Hi @Robert Burns 

 

i can reach outside network from BD SVI as per the below output

 

Leaf-101# show ip route vrf TEST-tn:TEST-vrf
IP Route Table for VRF "TEST-tn:TEST-vrf"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>

0.0.0.0/0, ubest/mbest: 2/0
*via 192.168.150.129, vlan31, [1/0], 03w04d, static
*via 192.168.150.113, vlan14, [1/0], 03w04d, static

 

 

Leaf-101#
Leaf-101# iping -V TEST-tn:TEST-vrf -S 172.16.206.1 192.168.150.113
PING 192.168.150.113 (192.168.150.113) from 172.16.206.1: 56 data bytes
64 bytes from 192.168.150.113: icmp_seq=0 ttl=64 time=0.791 ms
64 bytes from 192.168.150.113: icmp_seq=1 ttl=64 time=0.888 ms
64 bytes from 192.168.150.113: icmp_seq=2 ttl=64 time=0.862 ms
64 bytes from 192.168.150.113: icmp_seq=3 ttl=64 time=0.829 ms
64 bytes from 192.168.150.113: icmp_seq=4 ttl=64 time=0.781 ms

--- 192.168.150.113 ping statistics ---
5 packets transmitted, 5 packets received, 0.00% packet loss
round-trip min/avg/max = 0.781/0.83/0.888 ms

Leaf-101# show vrf TEST-tn:TEST-vrf
VRF-Name VRF-ID State Reason
TEST-tn:TEST-vrf 6 Up --

Leaf-101#

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License