Re: Why L3VNI State is "Down"?

Jbr002 · ‎12-10-2023

Hi, all.

I am learning VXLAN using Nexus 9000v on CML2.

I could configure to communicate between alpine-1 and alpine-3.

But I couldn't between alpine-1 and alpine-4.

I configured nxsus switches refferensing this url.
https://community.cisco.com/t5/tkb-%E3%83%87%E3%83%BC%E3%82%BF%E3%82%BB%E3%83%B3%E3%82%BF%E3%83%BC-%E3%83%89%E3%82%AD%E3%83%A5%E3%83%A1%E3%83%B3%E3%83%88/cisco-nexus-%E3%82%B7%E3%83%AA%E3%83%BC%E3%82%BA-vxlan-evpn-l3vni-%E5%9F%BA%E6%9C%AC%E8%A8%AD%E5...

But "show nve vni" command shows L3VNI is down. Why?

And nx9k-2(spine) doesn't receive L3 route on bgp.

Why leaf nodes dones't advertise local L3 routes?

[nx9k-1 vni status]

nx9k-1# show nve vni
Codes: CP - Control Plane DP - Data Plane
UC - Unconfigured SA - Suppress ARP
S-ND - Suppress ND
SU - Suppress Unknown Unicast
Xconn - Crossconnect
MS-IR - Multisite Ingress Replication
HYB - Hybrid IRB mode

Interface VNI Multicast-group State Mode Type [BD/VRF] Flags
--------- -------- ----------------- ----- ---- ------------------ -----
nve1 5000 UnicastBGP Up CP L2 [2000]
nve1 6000 n/a Down CP L3 [external]

[nx9k-4 vni status]

nx9k-4# show nve vni
Codes: CP - Control Plane DP - Data Plane
UC - Unconfigured SA - Suppress ARP
S-ND - Suppress ND
SU - Suppress Unknown Unicast
Xconn - Crossconnect
MS-IR - Multisite Ingress Replication
HYB - Hybrid IRB mode

Interface VNI Multicast-group State Mode Type [BD/VRF] Flags
--------- -------- ----------------- ----- ---- ------------------ -----
nve1 5001 UnicastBGP Up CP L2 [2001]
nve1 6000 n/a Down CP L3 [external]

[nx9k-2 bgp status]

nx9k-2# show bgp all summary
BGP summary information for VRF default, address family IPv4 Unicast

BGP summary information for VRF default, address family IPv6 Unicast

BGP summary information for VRF default, address family L2VPN EVPN
BGP router identifier 10.255.0.2, local AS number 65534
BGP table version is 75, L2VPN EVPN config peers 3, capable peers 3
6 network entries and 6 paths using 1656 bytes of memory
BGP attribute entries [6/2160], BGP AS path entries [3/18]
BGP community entries [0/0], BGP clusterlist entries [0/0]

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/
PfxRcd
10.255.0.1 4 64512 701 677 75 0 0 11:01:34 2

10.255.0.3 4 64514 683 679 75 0 0 11:00:34 2

10.255.0.4 4 64513 695 679 75 0 0 11:00:35 2

Neighbor T AS PfxRcd Type-2 Type-3 Type-4 Type-5
10.255.0.1 I 64512 2 1 1 0 0
10.255.0.3 I 64514 2 1 1 0 0
10.255.0.4 I 64513 2 1 1 0 0
nx9k-2#
nx9k-2# show bgp all
BGP routing table information for VRF default, address family L2VPN EVPN
BGP table version is 75, Local Router ID is 10.255.0.2
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-i
njected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup, 2 - b
est2

Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 10.255.0.1:34767
*>e[2]:[0]:[0]:[48]:[5254.0015.9076]:[0]:[0.0.0.0]/216
10.255.0.1 0 64512 i
*>e[3]:[0]:[32]:[10.255.0.1]/88
10.255.0.1 0 64512 i

Route Distinguisher: 10.255.0.3:34767
*>e[2]:[0]:[0]:[48]:[5254.0019.8b56]:[0]:[0.0.0.0]/216
10.255.0.3 0 64514 i
*>e[3]:[0]:[32]:[10.255.0.3]/88
10.255.0.3 0 64514 i

Route Distinguisher: 10.255.0.4:34768
*>e[2]:[0]:[0]:[48]:[5254.000d.5592]:[0]:[0.0.0.0]/216
10.255.0.4 0 64513 i
*>e[3]:[0]:[32]:[10.255.0.4]/88
10.255.0.4 0 64513 i

als95 · ‎12-23-2023

1) You don't need to re-define `vrf context` for the external routes on sw1, however you need your tenancy vfr context configured on both sw1 and sw2

2) You need to import external routes using matching RD from vrf context external of the sw4.

I can suggest you going though examples from that blog https://blog.avidpontoon.co.uk/vxlan-evpn-multi-site-part-9-external-access-outside-fabric/