Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new blog
1364
Views
0
Helpful
5
Comments

Cisco ACI - Can ping gateway (BD) but not endpoints

NInja Black
Level 1
Level 1
‎08-17-2020 07:20 PM

 I can ping the gateway from a switch connected through L3Out (ospf) but not the VMs. I see the VM IPs under operational tab of the EPG and they are being learned. I see all the routes being learned through OSPF on the L3Out. Also I can see the ospf external -2 route for the network from the exernal L3 Switch.

 

Is there anywhere on the L3Out config I need to 'allow' this network to be advertised outside the fabric? Just checking 'advertise externally' and associating to adding) the L3Out under the BD config should be enough correct? 

Labels:
0 Helpful
5 Comments
scherrav
Cisco Employee
Cisco Employee
‎08-18-2020 11:27 AM
‎08-18-2020 11:27 AM

Are the EPGs and L3out in same VRF?

Do you have contracts setup for the EPG and the L3out?

From the leaf where you learn the VMs, are you able to ping them?

Under L3out are you allowing the subnets you want into ACI? Alternately you can use 0.0.0.0/0

0 Helpful
sharmayogita
Level 1
Level 1
‎06-16-2023 07:58 AM
‎06-16-2023 07:58 AM

Hi folks, I am also facing the same issue where the BD gateway is reachable but endpoint is not even pinging from the L3 switch where the L3 OUT is connected and OSPF configured. This L3 switch is learning the endpoint host route i.e./32 route.

0 Helpful
scherrav
Cisco Employee
Cisco Employee
‎06-23-2023 01:31 PM
‎06-23-2023 01:31 PM

@sharmayogita 

1. BD gateway is reachable >> from where?

2. endpoint is not even pinging from the L3 switch >> does the endpoint have a firewall blocking pings?

 

0 Helpful
sharmayogita
Level 1
Level 1
‎06-25-2023 10:06 PM
‎06-25-2023 10:06 PM

Thanks for your reply 

1. BD gateway is reachable >> from where? BD gateway is reachable from the L3 switch with which L3 OUT and OSPF is configured and in fact reachable from outside network.

2. endpoint is not even pinging from the L3 switch >> does the endpoint have a firewall blocking pings? No it doesn't have any firewall blocking. We tested with different endpoints but behavior is same. Additionally, external network is reachable and services like MS teams and all available from the endpoint though its not pinging from outside.

0 Helpful
scherrav
Cisco Employee
Cisco Employee
‎06-26-2023 04:49 AM
‎06-26-2023 04:49 AM

If the host is unable to ping the BD SVI (which is its gateway), please double check if the host/endpoint has the correct gateway configured.

If BD SVI is pingable from host, then make sure you have permit contract between L3out and host EPG. 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Popular Articles
Customers Also Viewed These Support Documents