Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1170
Views
0
Helpful
2
Replies

C9500 IOx container app on customer vrf (or vlan)

-magesh-
Level 1
Level 1

‎09-09-2020 12:29 PM

C9500 does not have the AppGigabitEthernet interface for IOx apps, so it is slightly different from C9300.

 

All the examples I have found on Cisco documents/blogs relating to IOx containers on C9500 only point to using management network for connectivity.

 

I have upgraded the C9500 to ios 17.3.1 and managed to set up the Virtual Port Group on a custom vrf. The issue I am facing is that every alternate packet (ping test) is dropped. Here are my configs:

interface VirtualPortGroup0
 ip vrf forwarding D1
 ip address 192.168.2.1 255.255.255.0
!
app-hosting appid networktest
 app-vnic gateway0 virtualportgroup 0 guest-interface 0
  guest-ipaddress 192.168.2.2 netmask 255.255.255.0
 app-default-gateway 192.168.2.1 guest-interface 0

IP route on vrf looks good (adding only the relevant part):

 

 

      192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.2.0/24 is directly connected, VirtualPortGroup0
L        192.168.2.1/32 is directly connected, VirtualPortGroup0

Also, the arp resolution was fine on the vrf:

Internet  192.168.2.2             1   <container mac address>  ARPA   VirtualPortGroup0

Here is some ping from the container. I see the same behavior towards all subnets in this vrf. Here is the ping to the vpg0:

ping 192.168.2.1
PING 192.168.2.1 (192.168.2.1): 56 data bytes
64 bytes from 192.168.2.1: seq=0 ttl=254 time=0.662 ms
64 bytes from 192.168.2.1: seq=1 ttl=254 time=0.826 ms
64 bytes from 192.168.2.1: seq=3 ttl=254 time=0.727 ms
64 bytes from 192.168.2.1: seq=5 ttl=254 time=0.631 ms

Since there is connectivity, but only every alternate packet is being dropped, I assume this is not an unsupported feature and could be either a simple missing/misconfiguration.

 


Has anyone managed to get a container networking connected to a customer vrf (or vlan) ? Is there some configuration that I am missing here.

Labels:
0 Helpful
2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

‎09-09-2020 12:42 PM

I have tested long back with simple VLAN, not I have seen that ping Loss.(but it was not that lastest code).

Do you have any Control plane QoS enabled if so please check that and disabled and try. ?

 

Another question, Do you have other VLAN L3 interface have same ping Loss ?  (not the container tagged one ?)

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

-magesh-
Level 1
Level 1
In response to balaji.bandi

‎09-09-2020 01:29 PM

Thanks for your reply.

 

I disabled all the QoS config, but that did not seem to help.

 

One point to note - the loss is happening on the VirtualPortGroup when it is added to the vrf (everything seems to work fine on global)

 

Regarding VLAN, I am trying to use vrf rather than vlan.

interface VirtualPortGroup0
 ip vrf forwarding D1 ip address 192.168.2.1 255.255.255.0

Were you using C9500 ? If so can you please let me know how you managed to run a container on vlan. I have containers working fine on vlan in C9300, but that had a special port named "AppGigabitEthernet" for containers that could be configured in trunk/access modes. However, C9500 seems to lack that feature. 

0 Helpful
Customers Also Viewed These Support Documents