Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1015
Views
0
Helpful
7
Replies

VRF-Lite in NX-OS: Why can't I see ARP entry for interface in VRF?

gopher73
Level 1
Level 1

‎07-21-2021 02:46 PM - edited ‎07-21-2021 02:52 PM

I have configured vrf-lite lots before in IOS and IOS-XE, but this is first time in NX-OS.

 

We have a brand-new 10Gbps L2 fibre service to connect two sites together, but I want to test it before trying to migrate production traffic to it.  All I’m trying to do is to configure VRF lite with a new test VRF on the switch at each end, configure the ports on either end in this test VRF as non-switchports (L3 interfaces) and thereby isolating this link from the default VRF so that I can do basic end-to-end ping testing between the switches without risk of impacting the production network. 

 

At one end, the circuit terminates on a Catalyst 9K, and with my test VRF (just called “test”) and the interface added everything looks as it should.  I can even see an arp entry for the newly-configured interface in vrf "test".   However, on the Nexus 3172 at the other end, I do NOT see an arp entry for my newly-configured 10 Gbps interface, which is plugged into the service-provider device and UP.   Is this normal?   There are arp entries on the same switch for other interfaces in vrf management and vrf default, but does NX-OS not show the arp entry for the physical interface the way IOS/IOS-XE does?  What am I missing?  Does anything else need to be added to vrf-lite config in NX-OS to be able to see arp entries for IP interfaces in the vrf?

 

Thanks in advance.

 

 

 

Labels:
0 Helpful
7 Replies 7

balaji.bandi
Hall of Fame
Hall of Fame

‎07-21-2021 03:03 PM

Is the interface layer 3 ? how about show mac address-table?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

gopher73
Level 1
Level 1
In response to balaji.bandi

‎07-21-2021 03:07 PM

Yes, I forgot to mention it is an L3 interface.   I'm looking at the "show ip arp vrf test" output and getting nothing.

 

Interestingly, when I look at the management VRF arp table I don't see the MAC address or IP address of interface Mgmt0 either.  Perhaps I've answered my own question - that NX-OS doesn't show local interface ARP entries, only connected ARP entries?

 

 

0 Helpful

Harold Ritter
Cisco Employee
Cisco Employee

‎07-21-2021 04:06 PM - edited ‎07-21-2021 04:29 PM

Hi @gopher73 ,

 

I have this basic setup working with the following configuration:

 

RTR1# sh runn int e1/1

interface Ethernet1/1
no switchport
vrf member test
ip address 192.168.12.2/24
no shutdown

RTR1# sh runn int e1/2

interface Ethernet1/2
no switchport
vrf member test
ip address 192.168.23.2/24
no shutdown

RTR1# sh runn vrf test

vrf context test
address-family ipv4 unicast

RTR1#

 

RTR1# sh ip arp vrf test

Flags: * - Adjacencies learnt on non-active FHRP router
+ - Adjacencies synced via CFSoE
# - Adjacencies Throttled for Glean
CP - Added via L2RIB, Control plane Adjacencies
PS - Added via L2RIB, Peer Sync
RO - Re-Originated Peer Sync Entry
D - Static Adjacencies attached to down interface

IP ARP Table for context test
Total number of entries: 2
Address Age MAC Address Interface Flags
192.168.12.1 00:16:20 5254.000c.6963 Ethernet1/1
192.168.23.3 00:16:18 5254.001e.2e26 Ethernet1/2
RTR1#

 

I have 2 devices connected to port e1/1 (192.168.12.1) and e1/2 (192.168.23.3) and pinging each other.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to Harold Ritter

‎07-21-2021 04:49 PM - edited ‎07-21-2021 04:52 PM 

that NX-OS doesn't show local interface ARP entries, only connected ARP entries?

Good, you are able to understand better here and got fixed.

 

@Harold Ritter maybe I am reading wrong, original poster looking local ARP entries I guess..or I miss something here?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Harold Ritter
Cisco Employee
Cisco Employee
In response to balaji.bandi

‎07-21-2021 04:53 PM

Hi @balaji.bandi ,

 

You are right. I had missed that specific part. I sent another message to answer that specific question.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to Harold Ritter

‎07-21-2021 04:54 PM

@Harold Ritter thank you for the clarification ..Cheers !

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Harold Ritter
Cisco Employee
Cisco Employee

‎07-21-2021 04:51 PM

Hi @gopher73 ,

 

I did not realized you are referring to the local ARP entry on the Nexus9k. The local ARP entry is not show whether in global routing table to VRF mode on Nexus9k.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents