Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
357
Views
0
Helpful
0
Replies

ICMP contracts in ACI

sridcloud
Level 1
Level 1

‎06-12-2024 06:50 AM - edited ‎06-12-2024 06:56 AM

I have an ESG and External EPG (SR-MPLS L3out based). I created a 'ICMP' contract with 'icmp' filter in it. I attached this contract as 'consumer' on the ESG and 'provided' on the EEPG. I can then ping EEPG endpoint from ESG endpoint. But I am also able to initiate ping from EEPG endpoint to ESG endpoint. Is this normal?

I replaced the 'ICMP' contract with SSH contract (TCP port 22 in the filter) and I do not see this behavior. I can only initiate SSH traffic from ESG endpoint to EEPG endpoint. I cannot ssh from EEPG endpoint to ESG endpoint.

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents