Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
437
Views
0
Helpful
7
Replies

Static Routes & Default Gateway

toy.thompson
Level 1
Level 1

‎09-12-2024 09:35 AM - edited ‎09-12-2024 09:37 AM

I am busy building/configuring a Cisco Catalyst Center (2.3.7.x).
I configured the interfaces based on the configuration guide) as follows:

Enterprise Interface
IP4 Address: X.Y.5.146
IP4 Netmask: 255.255.255.248
Default Gateway IP4 Address:
IP4 DNS Servers: X.Y.8.32 X.Y.8.33
IP4 Static Routes:

Intracluster Interface
IP4 Address: 169.254.V.W
IP4 Netmask: 255.255.255.128
Default Gateway IP4 Address:
IP4 DNS Servers:
IP4 Static Routes:
[X] Cluster Link
Used the pre manufacted cluster configuration)

Management Interface
IP4 Address: X.Y.5.131
IP4 Netmask: 255.255.255.248
Default Gateway IP4 Address:
IP4 DNS Servers: X.Y.8.32 X.Y.8.33
IP4 Static Routes:


Internet Interface
IP4 Address: X.Y.5.138
IP4 Netmask: 255.255.255.248
Default Gateway IP4 Address:X.Y.5.137
IP4 DNS Servers: X.Y.8.32 X.Y.8.33
IP4 Static Routes:

I configured the default gateway on the internet interface as instructed by the configuration guide.

How does the managed devices on (X.Y.A.0/24 and X.Y.B.0/24) and CCC know to use the Enterprise interface for communication. How does the CCC know to reach the subnets it need to forward traffic to the Enterprise VLAN default gateway

How does users accessing the CCC (X.X.X.0/24) and the CCC know to utilise the Management interface for communication.

Labels:
Preview file
2107 KB
0 Helpful
7 Replies 7

maflesch
Cisco Employee
Cisco Employee

‎09-16-2024 09:18 AM

Hi Toy,

Let me see if I can adequately answer your question here.

Lets say you have the following:

PC A - x.y.5.147 /29
PC B - x.y.5.134 /29
PC C - 172.x.x.20 /24

So if I tried to access the Catalyst Center using the following PCs, this would be the response I would get:

PC A - Enterprise
PC B - Management
PC C - Internet

The reason for this is that PC A resides in the same subnet as the Enterprise port, PC B resides in the same subnet as the Management port. However, PC C does not reside in any subnet defined on the Catalyst Center, so it will use the default gateway, and since this resides on the Internet port, that's the port that will communicate to PC C.

Now, with that said, if we want PC C to communicate to the Management port, then we need to add a static route to the Management port, as an example:

172.16.x.x/255.240.x.x/x.y.5.129 <- Assuming you are using the first available IP as the default gateway for that subnet.

The only problem with using static routes is you have to make sure you are not creating computing or overlapping routes. The Linux routing table as Catalyst Center is built on top of Ubuntu, uses the most specified route to direct the traffic. If you are every unsure of which port traffic will go out of, you can issue the following command in the CLI:

ip route get <ip address>

The above will show you which port the traffic will go out of based on the routing you defined in the config wizard. Also, never add a static route or change the IP schema using Linux, always use the config wizard.

0 Helpful

toy.thompson
Level 1
Level 1

‎09-17-2024 02:55 AM - edited ‎09-17-2024 03:10 AM

Thanks for the response I did some digging and managed to find the answer....

1. I have to add the default gateway to the internet port. All unknown routes will be routed out the internet port.

2. I have to add a static route for each of the "managed subnets" (subnets with devices that will be managed by the CCC) to the enterpise interface using the "sudo maglev-config update" command in the cli

3. I have to add a static route to the management interface for all subnets where admin users resides that will access the CCC GUI again using the "sudo maglev-config update" command in the cli

I have picked up a problem with v2.3.7.5-70434 when using the "sudo maglev-config update" command in the cli it gives an error that no cluster link was selected but it does not give you the option to select the cluster link....
I re-imaged the box and run v2.3.5.6-70143 and i am able to run the command without any issues

toythompson_0-1726567713018.png

I also believe there might be a error in the document....enterprise is 1 and 3 and intra-cluster is 2 and 4. I have tested this and I have no connectivity on the enterprise port when connected to 4 as listed in the deployment guide

 

 

0 Helpful

maflesch
Cisco Employee
Cisco Employee

‎09-17-2024 05:05 AM

Hi Toy,

Thanks for bringing this up. Can you provide the link where you got this information?

Also, this appears that you are using a DN3 appliance, is this true? If it is, the DN3 appliance does not support anything prior to 2.3.7.5.

0 Helpful

maflesch
Cisco Employee
Cisco Employee

‎09-17-2024 06:51 AM

Thanks. Yea, due to the changes in the hardware spec for the DN3, the appliance does not support any version prior to 2.3.7.5. Even if you get it to work, it will be a reimage if you need to open a TAC case.

As for the documentation, trying to confirm from that, but you shouldn't get a response from both the primary and secondary ports unless you are using NIC bonding. 

0 Helpful

toy.thompson
Level 1
Level 1
In response to maflesch

‎09-17-2024 08:38 AM

I also found you can add app. 28 static routes to the enterprise interface (v2.3.5.6-70143) then the wizard kicks you out.

0 Helpful

toy.thompson
Level 1
Level 1
In response to maflesch

‎09-17-2024 08:41 AM

so would the recommendation then be to re-image to 2.3.7.x.... then to open a TAC to solve the issue adding routes to the network...and I won't be able to upgrade from 2.3.5.x.

I also saw there is no 2.3.7.x available for appliance only VA

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card