04-09-2019 07:59 AM - edited 04-09-2019 08:00 AM
I'm trying to find out if this is a NX-OS bug or a misconfiguration:
I have a switch with 2 interfaces configured as route interface.
eth1/2 has only a link local address: fe80::1
eth1/3 has only an autogenerated link local address.
With a classic router (linux box, …), it is perfect possible to define a default route with gateway fe80::1%eth1/3
But when I try to do that on nx-os 9.2.3, it refuses to create the route with the error: Next-hop cannot be a local address
IMHO, this error is meaningless as "fe80::1%eth1/3" is not a local address. If I use an other next-hop address (fe80::2%eth1/3) or if I change the eth1/2 address, everything works fine.
My config is like this:
interface Ethernet1/2 no switchport ipv6 link-local fe80::1 interface Ethernet1/3 no switchport ipv6 address use-link-local-only
I try to create the route using the following command:
nexus(config)# ipv6 route ::/0 fe80::1 eth1/3 Next-hop cannot be a local address
And the IPv6 interface state is:
nexus(config)# sh ipv6 int IPv6 Interface Status for VRF "default" Ethernet1/2, Interface status: protocol-down/link-down/admin-up, iod: 10 IPv6 address: fe80::1 [TEN] IPv6 link-local address: fe80::1 (configured) [TEN] IPv6 virtual addresses configured: none IPv6 multicast routing: disabled IPv6 report link local: disabled IPv6 Forwarding feature: disabled IPv6 multicast groups locally joined: ff02::2 ff02::1 ff02::1:ff00:1 IPv6 multicast (S,G) entries joined: none IPv6 MTU: 1500 (using link MTU) IPv6 unicast reverse path forwarding: none IPv6 load sharing: none IPv6 interface statistics last reset: never IPv6 interface RP-traffic statistics: (forwarded/originated/consumed) Unicast packets: 0/0/0 Unicast bytes: 0/0/0 Multicast packets: 0/0/0 Multicast bytes: 0/0/0 Ethernet1/3, Interface status: protocol-down/link-down/admin-up, iod: 11 IPv6 address: fe80::32f7:dff:fe9f:53c [TEN] IPv6 link-local address: fe80::32f7:dff:fe9f:53c (default) [TEN] IPv6 virtual addresses configured: none IPv6 multicast routing: disabled IPv6 report link local: disabled IPv6 Forwarding feature: disabled IPv6 multicast groups locally joined: ff02::2 ff02::1 ff02::1:ff9f:53c IPv6 multicast (S,G) entries joined: none IPv6 MTU: 1500 (using link MTU) IPv6 unicast reverse path forwarding: none IPv6 load sharing: none IPv6 interface statistics last reset: never IPv6 interface RP-traffic statistics: (forwarded/originated/consumed) Unicast packets: 0/0/0 Unicast bytes: 0/0/0 Multicast packets: 0/0/0 Multicast bytes: 0/0/0
04-11-2019 10:48 AM - edited 04-11-2019 11:10 AM
Hi @Jean-Daniel,
I found this is a limitation with the NX-OS software applicable for all Nexus family of Switches.
It was document here:
IPv6 static route next hop link-local address cannot be configured at any local interface.
via:
The workaround, not configure the same link-local address in any of your Switch's interface that is also intended to be used as a Next-Hop via a Static Route.
HTH.
04-12-2019 08:02 AM
Please define 'local interface'.
`fe80::1%eth1/3` is not a local address and so not a local interface.
As a side note, I found afterward that it is perfectly possible to do what I was trying to do by declaring the route before configuring the interface (which is fortunately the order in which the config is saved automatically).
The problem is that the route command validation code is broken and wrongly reject a perfectly valid route.
The interface configuration command don't have that issue, and so let me configure the interface address.
04-12-2019 08:12 AM
Hi @Jean-Daniel,
Local interface is any interface on your Nexus. It can be a Layer 3 port or interface vlan (aka SVI).
As you have said, it looks to be the parser rejecting the operation based on a local interface already with that link-local address in the configuration at the moment the static route is applied.
It looks like you found a logical way to cheat the parser.
Still, it was documented that way in Cisco.com
I will check internally if this behavior can be looked at by the Nexus product team.
For the time being, you have your workaround.
Regards.
04-12-2019 08:17 AM - edited 04-12-2019 08:17 AM
The documentation says I can't use a local interface as Next-Hop. But this is not what I'm trying to do, so I disagree when you say my issue is documented.
The command parser wrongly think that I'm targeting a local interface, which is not what I'm doing.
That said, thank you for your responses :-)
04-12-2019 08:39 AM
Hi @Jean-Daniel,
The documentation refers to what you are trying to do.
It says "IPv6 static route next hop link-local address cannot be configured at any local interface."
I know you are doing "fe80::1%eth1/3" where fe80::1 is not configured on eth1/3 but on eth1/2 segment. Still, eth1/3 & eth1/2 are considered "local interfaces" in this context.
In theory, your Static Route should be a valid configuration since in the IPv6 world, Link-Local address are relevant per network segment. However, there is an internal code check in NX-OS that prevents the Static Route from being accepted by the parser since it detects fe80::1 is already configured in a local interface... any local interface.
This is a similarly to the parser preventing you from configuring a Static Route in IPv4 which next-hop is an IP you have already configured on any interface.
switch(config)# int eth2/1 switch(config-if)# ip add 10.1.2.1 255.255.255.0 switch(config-if)# no shut switch(config)# ip route 8.8.8.8/32 10.1.2.1 % Next-hop cannot be local address in same or different vrf switch(config)#
I guess that internally in code, the Static Route API is not sending to the parser API the interface information along with the IPv6 next-hop for this check to be more accurate.
Your workaround makes sense since it bypasses the parser check.
You are welcome :-)
Regards.
04-18-2019 10:35 AM - edited 04-18-2019 12:51 PM
IPv6 static route next hop link- https://xender.pro/ https://discord.software/ https://omegle.onl/ local address cannot be configured at any local interfac
10-19-2021 05:07 AM
@Jean-Daniel wrote:
I'm trying to find out if this is a NX-OS bug or a misconfiguration:
I have a switch with 2 interfaces configured as route interface.
eth1/2 has only a link local address: fe80::1
eth1/3 has only an autogenerated link local address.
With a classic router (linux box, …), it is perfect possible to define a default route with gateway fe80::1%eth1/3
But when I try to do that on nx-os 9.2.3, it refuses to create the route with the error: Next-hop cannot be a local address
IMHO, this error is meaningless as "fe80::1%eth1/3" is not a local address. If I use an other next-hop address (fe80::2%eth1/3) or if I change the eth1/2 address, everything works fine.
My config is like this:
interface Ethernet1/2 no switchport omegle ipv6 link-local fe80::1 interface Ethernet1/3 no switchport cps counter ipv6 address use-link-local-only
I try to create the route using the following command:
nexus(config)# ipv6 route ::/0 fe80::1 eth1/3 cps test Next-hop cannot be a local address
And the IPv6 interface state is:
nexus(config)# sh ipv6 int IPv6 Interface Status for VRF "default" Ethernet1/2, Interface status: protocol-down/link-down/admin-up, iod: 10 IPv6 address: fe80::1 [TEN] IPv6 link-local address: fe80::1 (configured) [TEN] IPv6 virtual addresses configured: none IPv6 multicast routing: disabled IPv6 report link local: disabled IPv6 Forwarding feature: disabled IPv6 multicast groups locally joined: ff02::2 ff02::1 ff02::1:ff00:1 IPv6 multicast (S,G) entries joined: none IPv6 MTU: 1500 (using link MTU) IPv6 unicast reverse path forwarding: none IPv6 load sharing: none IPv6 interface statistics last reset: never IPv6 interface RP-traffic statistics: (forwarded/originated/consumed) Unicast packets: 0/0/0 Unicast bytes: 0/0/0 Multicast packets: 0/0/0 Multicast bytes: 0/0/0 Ethernet1/3, Interface status: protocol-down/link-down/admin-up, iod: 11 IPv6 address: fe80::32f7:dff:fe9f:53c [TEN] IPv6 link-local address: fe80::32f7:dff:fe9f:53c (default) [TEN] IPv6 virtual addresses configured: none IPv6 multicast routing: disabled IPv6 report link local: disabled IPv6 Forwarding feature: disabled IPv6 multicast groups locally joined: ff02::2 ff02::1 ff02::1:ff9f:53c IPv6 multicast (S,G) entries joined: none IPv6 MTU: 1500 (using link MTU) IPv6 unicast reverse path forwarding: none IPv6 load sharing: none IPv6 interface statistics last reset: never IPv6 interface RP-traffic statistics: (forwarded/originated/consumed) Unicast packets: 0/0/0 Unicast bytes: 0/0/0 Multicast packets: 0/0/0 Multicast bytes: 0/0/0
Will try this configuration. Helpful!
11-22-2022 02:49 AM
We will try this configuration. That's really helpful!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide