10-27-2020 09:46 PM
Hi Guys,
I am trying to configure vxlan configuration on the GNS3 and found out issues between the ASA and Nexus.
I noticed that this flapping only occur when I introduced the nve interface into the configuration on Nexus.
Prior to this (configuration of VXLAN), I have everything working fine running on OSPF and the SVIs are all on the respective vrf.
Also, this OSPF neighbor is within a VRF on the nexus end.
I was wondering if this is something due to GNS3 or something that is not compatible.
The issue is between the devices within the red circle in the attached picture.
I have also attached a picture of the output on the ASA before the nve interface is configured on the Nexus.
After configuring the nve interface as follow:-
interface nve1
no shutdown
source-interface loopback1
host-reachability protocol bgp
source-interface hold-down-time 30
The OSPF neighborship becomes unstable (as attached).
Is this a GNS3 issue or does this just not work?
Sorry, I am not able to paste the output from the ASA into this discussion.
Thank you.
 
					
				
		
10-28-2020 12:20 AM
Hello,
could be related to the 50-byte overhead VXLAN requires. Try and increase the mtu to e.g.:
interface nve1
no shutdown
--> mtu 9216
source-interface loopback1
host-reachability protocol bgp
source-interface hold-down-time 30
10-29-2020 01:49 AM
Hi @Georg Pauwen,
Thank you for your response.
I did try to input the mtu size configuration into the nve interface but it doesn't accept it.
By default too, mtu is set to 9216 on the interface.
NEXUS-PRI-LAB(config)# int nve1
NEXUS-PRI-LAB(config-if-nve)# mtu ?
                                                                ^
% Invalid command at '^' marker.
NEXUS-PRI-LAB# show int nve1
nve1 is down (other)
admin state is up, Hardware: NVE
MTU 9216 bytes
Encapsulation VXLAN
Auto-mdix is turned off
RX
ucast: 0 pkts, 0 bytes - mcast: 0 pkts, 0 bytes
TX
ucast: 0 pkts, 0 bytes - mcast: 0 pkts, 0 bytes
NEXUS-PRI-LAB#
I went a step further and configured all my interfaces (between ASA and Nexus) to 9000 (ASA can only support to 9000).
I can confirm after doing this that everything is working fine, there was no issue with the OSPF neighborship.
I then set this as a baseline as the MTUs are all set to high.
I then proceed to input the basic feature commands for VXLAN.
These are..
conf ter
feature bgp
feature interface-vlan
feature vn-segment-vlan-based
feature nv overlay
nv overlay evpn
!
fabric forwarding anycast-gateway-mac 0000.1111.2222
!
I can confirm after I input the above config, everything was still working well.
I then input the command for the nve interface.
After input the command line by line, I will reset the ospf process on the ASA and wait for the neighbor to form.
Command that I put is...
conf ter
interface nve1 <- no issue happen here
no shutdown
... and OSPF flapping occur.
For now, I can confirm that in GNS3, this flapping issue occurs when I create the NVE interface and enable it.
Now I am not sure if this is a limitation in GNS3 or a limitation in real life (which I highly doubt).
But since I am going to touch my production network, I dare not give this a try unless I am 1000% confirm that it will work.
I was wondering if anyone has configured this in real life and if the same issue still occurs then?
Anyone?
10-29-2020 11:05 AM
Hello,
one thing you could try is the 'ip ospf mtu-ignore' command. Configure that and check what the results are...
10-29-2020 01:22 PM
Hi @Georg Pauwen ,
Thanks for your suggestion.
I tried to input the config but there was no difference, still the same issue when I unshut the nve1 interface.
I have also done a pcap in hoping that the information to why this is happening is in it.
FYI, this pcap is capture when routing is working fine up to when I input the nve1 interface configuration.
Hopefully it give some clues.
The IP address to look out for is in the picture attached.
There will be other IPs in the pcap but please ignore them for now as thats the communication to the EXT ASA.
Thanks.
 
					
				
				
			
		
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide