cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1184
Views
5
Helpful
3
Replies

Redistribution from Mp-BGP to OSPF doesnt work

Hi guys!

I have a simple non-standard topology: Palo Alto, and 2 N9K in VPC domain. ( a diagram you can find in attach). I don't have SPINE in my configuration (pls don't asking me why? . It is non production topology yet, only staging.

 

Between Nexuses and Palo Alto I have L2 port-channel (VPC 20), with OSPF over VPC links.

Also , I have 2 hosts:

Host A  - physically connected to Nexus, but  - default gateway is Palo Alto

Host B - belongs to VXLAN fabric, default gateway is Nexus. 

I want to ping from Host A to Host B. When I'm using a static route into VRF configuration toward the  Palo Alto - all work fine. But if  dynamic routing between Palo Alto and N9K (OSPF)  - nothing.  

The redistribution from Ospf to MPBGP  ( and vise versa) was configured, but it doesn't work. 

But OSPF / BGP adjacency is ok on both switches.

 

   
SW02A# sh ip route ospf-100
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>
172.27.30.0/24, ubest/mbest: 1/0
    *via 10.10.10.5, Vlan100, [110/50], 1d02h, ospf-100, intra

 

Some parts of config you can find in attach.

 

May be, can someone explain why this is happening and how I can decide this problem?

 

Thanks in advance!

 

 

 

 

 

 

 

 

 

 

3 Replies 3

HI guys!

No one has any ideas?

grindelwaldus
Level 1
Level 1

Hi, Polina.

Aren't you running into classic routing-over-vpc problem in here? L3 routing over vPC PortChannel is not a supported design:

 

vpc.PNG

 

I'm not 100% sure about your case since you end host is connected - as I see - as orphan, not as another vPC PC member. Though here similar problem's discussed and someone claims:

"Just want to comment on the about statements - packet went over the peer-link and then inter-VLAN routed by the SVI still subject to the vPC loop prevention check."

 

Anyway this is clearly is not a supported design. Why don't you just use two separate L3 links?

Also didn't you mean to run OSPF inside vrf VXLAN-900329? In your current config OSPF is in GRT and you're trying to import routes from GRT to VRF and vice versa. The right way to do this seems to just run OSPF in VRF on Nexus' side.

Review Cisco Networking for a $25 gift card