cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3045
Views
0
Helpful
5
Replies

Why VTEP can`t ping to host A but host B can ping to host A ?

9813108aa
Level 1
Level 1

Image 2.png

 

 

Hello !

 

This is Evpn over VxLAN topology

 

There are R11 and R14 community with vlan 100 (172.16.100.11 to 172.16.100.14) but NXOS_1(leaf) ping to R14 with vlan 100 (172.16.100.253 to 172.16.100.14) is fail , why will be that ?

 

Has anyone encountered the same problem as me?

 

Any reply will help me thank you

 

1 Accepted Solution

Accepted Solutions

Hello,

In case when you have distributed anycast gateway, you will only be able to ping the connected end hosts on the local VTEP. You will not be able to ping from any VTEP a remote end host. This is becuase the vmac and vip are shared between vteps, and the icmp replys will be consumed by the vtep where the end host is connected. You can confirm that using ethanalyzer on the VTEP where ping is initiated and first hop VTEP.

Nexus9K# ethanalyzer local interface inband display-filter icmp limit-captured-frames 0

Stay safe,

Sergiu

View solution in original post

5 Replies 5

Sergiu.Daniluk
VIP Alumni
VIP Alumni

Hi @9813108aa 

Any chance you are using distributed anycast gateway?

 

Stay safe,

Segiu

Hello!

 

Yes , I use distributed anycast gateway , Will that have any effect for Connectivity of leaf to host?

 

thank you 

 

Vincent 

 

Hello,

In case when you have distributed anycast gateway, you will only be able to ping the connected end hosts on the local VTEP. You will not be able to ping from any VTEP a remote end host. This is becuase the vmac and vip are shared between vteps, and the icmp replys will be consumed by the vtep where the end host is connected. You can confirm that using ethanalyzer on the VTEP where ping is initiated and first hop VTEP.

Nexus9K# ethanalyzer local interface inband display-filter icmp limit-captured-frames 0

Stay safe,

Sergiu

Hello Sergiu

 

Thank your answer , I will try it

 

by the way , In my topology I try to control route of L3vni  in some VRF , but it seems can`t change next hop  for evpn route , like my topology  , if R14 need to go to R12 with vlan 200 , NXOS_1 and NXOS_2 is leaf that connect spine of NXOS_3 - 6 with IBGP ,  but if we "show bgp l2vpn evpn"  and look at  from route of NXOS_1 , these bgp l2vpn route can`t change BGP next hop , if we change that connection between R14 and R12 will be failed , I will not be able to do routing control to choose which data went to which spine for next hop , how can I solve it ? 

 

Thanks for your suggestion

 

Vincent

hi @9813108aa 

The spines are the underlay from perspective of evpn and vxlan. So you should see the next hop only the remote vtep.

From perspective of routing in the underlay, there will be ECMP, so no control in which flow to go to which spine.

 

Stay safe,

Sergiu

Review Cisco Networking for a $25 gift card