Got a weird one - pretty much our largest customer has added a new building, and finally got fiber ran to it so I was setting up the WAN link between the new and old buildings.
For some reason, creating a WAN VLAN on each device, configuring ports as trunks, and then routing via static routes has not been working. Then today, the whole core just stops passing traffic, the only way to fix it was to clear arp-cache. Then, even weirder, after that happened no one can get out to the internet.
Core can see switch x that it is connected to, but cannot ping it. But switch y on the other side of the core can ping and ssh into switch x, with its only path to switch x being through the core. Resorted to reloading the core and am waiting to hear back if that fixes the issue.
The only configuration I made on the core was to create a vlan (yesterday) to act as the WAN connection, and a static route pointing to the subnet on the new building side. Again, all this was done last night and has been fine until this morning around 10 AM. They do have a router, which they dont know the password for, of course, which is why I have had to resort to plugging the new WAN link into the core layer 3 switch.
The core only has two static routes:
ip route 0.0.0.0 0.0.0.0 192.168.189.9 <-- to router/firewall
ip route 192.168.134.0 255.255.255.0 10.254.254.2 <-- new route to new building. subnet does not exist anywhere else.
EDIT: The reload fixed the issue with connectivity, but the new building still has no connectivity to the core.
Inviting all network professionals in operations! We'd like to understand what would be valuable for you in a mobile application. Your response will help Cisco improve a product feature that could benefit you. Thanks!
Click here to take the sur...
Cisco’s software-defined wide area network (SD-WAN) solution allows user to quickly and seamlessly establish an overlay fabric to connect an enterprise’s data centers, branch and campus locations, as well as colocation facilities in order to imp...
1. Log into CLI of DNAC:
ssh maglev@< DNAC appliance IP> -p 2222
2. Run this curl command to get token to get member id:
curl -X POST -u admin:<admin user password> -H -V https://<CLUSTER-IP>/api/system/v1/identitymgmt/token
Enterprise Switching Business Unit is glad to announce Beta release 16.12.2 for all Catalyst 9200/9300/9400/9500/9600 and Catalyst 3650/3850 Platforms. This release is made available to allow users to test, evaluate and share fee...
Purpose of the document
This document describes the general recommendations or best practices when designing and deploying the Cisco SD-Access technology. The document assumes that the reader has a general overview of Cisco's SD-Access for Distributed C...