APIC-EM path trace not working

Dave Lewis · ‎10-28-2016

Hello,

I have apic-em ver 1.3 running and have added a couple of sites to it for testing. I'm finding that the path trace feature isn't working, even between two devices within the same vlan, the only scenario that works is two devices in the same vlan and connected to the same switch, everything else gives me "Gateway not found for source: x.x.x.x", not sure why it should even need to know the gateway for same-vlan traffic but hey-ho.

Equipment in use is: access layer = 3650, distribution = 6880-x with VRFs.

Take this scenario:

Device A is connected to access-1 on port 1. Access-1 has a L2 port-channel up to distribution-1. Device B is patched to access-2 port 1 which also has a L2 port-channel to distribution-1. Path trace is failing between devices a and b with the gateway not found message. This should be a simple case of tracing the MAC addresses along the path so I'd expect this to work.

I have IPDT enabled on all switches and all are running versions higher than the minimum listed in the compatibility matrix.

Any ideas appreciated.

Dave

Gopala Krishna Chaikam · ‎11-21-2016

Hi,

This is supposed to work. Can you post the running-config for all the 3 switches ?

Dave Lewis · ‎11-23-2016

Hi, do you have an email address I can send them to? The configs are very large and it'll take me ages to strip out all the company specific things.

I've uploaded some command output and a screenshot of the error message on apic-em in the meantime.

Thanks,

Gopala Krishna Chaikam · ‎11-23-2016

Sure Dave. You can e-mail to gchaikam@cisco.com.

And also topology diagram would be helpful if you have one, along with VRFs highlighted or any inter VRF leaks or global vrf leaks.

Dave Lewis · ‎11-24-2016

Hi,

Thanks, I'll email them over with a topology diagram. Its a lab environment so its just a 6880 core with two 3650's attached. No PaGP, only LACP:

Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
11 Po11(SU) LACP Te1/5/6(D) Te2/5/6(P)
13 Po13(SU) LACP Te2/5/7(P)

marek.golha · ‎01-23-2017

I have the same problem. Did you managed to resolve the issue?

Thanks in advance.

Marek

Dave Lewis · ‎01-23-2017

Hi Marek,

I had a webex with Cisco where we recreated the issue and it appeared to be something to do with a using a management IP that cannot ICMP ping the end host. So for example if you had a 3650 edge switch with a mgmt SVI (vlan 200 for e.g.) and that vlan is on a VRF on the core switch that has no route to the destination host we are trying to path trace to (no route leaking between the VRFs). This seemed to be the cause of the problem so even though the source and destination hosts might be in the same VLAN, if the switch's management vlan is different then the path trace won't work - it seems to try and use L3 techniques even when it doesn't need to.

TAC acknowledge the issue, took away the logs and said they'd work on getting it fixed in the next version so hopefully it'll be sorted in 1.4.

Hope that makes sense, in summary its a definite bug in 1.3 that should be fixed in the next version or the one after that.

Thanks,

Dave

marek.golha · ‎01-25-2017

Hello Dave,

thank you very much for your response - now it is clear.

Marek

Gopala Krishna Chaikam · ‎11-23-2016

Do you have PAgP in non-working scenario ? If so, APIC-EM doesn't support PAgP in path trace.