cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
669
Views
4
Helpful
6
Replies

Unable to ping terminal after migration

hina316
Level 1
Level 1

I am using LISP to migrate virtual machines on the same segment between DC1 and DC2.
There are two segments to be migrated.The Gateway will be an on-premises L3switch.
1.10.1.0.0/24 Gateway IP: 10.1.0.254 (L3SW)
2. 10.2.0.0/24 Gateway IP: 10.2.0.254 (L3SW)

NW Configuration
|terminal1|-------|L3SW|------|LISP-RT1|--------------|LISP-RT2|------|terminal2|

I am having trouble communicating with another segment that has moved from DC1 to DC2.
Is this a specification?
Is there another way to communicate?

■DGW at the end of the day ga LISP-RT1(.250)
Delivery element: 10.1.0.100/24
〇 10.1.0.100⇔10.1.0.200
〇 10.1.0.100⇔10.2.0.100
〇10.1.0.100⇔10.2.0.200

DGW ga L3SW(.254)
Delivery element: 10.1.0.100/24
〇 10.1.0.100⇔10.1.0.200
〇 10.1.0.100⇔10.2.0.100
x 10.1.0.100⇔10.2.0.200

■DGW at the end ga LISP-RT1(.250)
Delivery element: 10.2.0.100/24
〇 10.2.0.100⇔10.1.0.100
〇 10.2.0.100⇔10.1.0.200
〇10.2.0.100⇔10.2.0.200

DGW ga L3SW(.254)
Delivery element: 10.2.0.100/24
〇 10.2.0.100⇔10.1.0.100
x 10.2.0.100⇔10.1.0.200
〇10.2.0.100⇔10.2.0.200

2 Accepted Solutions

Accepted Solutions

Hello @hina316,

ur welcome!

It sounds like you’re dealing with LISP (Locator/ID Separation Protocol) configuration issues related to nbr-proxy-reply requests in your mobility subnet setup. If removing the nbr-proxy-reply requests 3 configuration resolves your communication issues, it suggests that the option might not be suited for your specific deployment or network setup.

Understanding nbr-proxy-reply requests

The nbr-proxy-reply requests command in LISP is used to configure the behavior of LISP routers in relation to proxy replies for neighbor discovery requests. Specifically, nbr-proxy-reply requests 3 would be a setting influencing how the LISP router handles or responds to neighbor discovery requests.

Would say check LISP config guide, like Cisco platform or Ios version (usually you will find great info...)

Also check Cisco Feature Navigator: Use Cisco's Feature Navigator tool to find specific features and their documentation.

  1. Cisco Support and Community:
    • Cisco Support: Engage with Cisco support for detailed, platform-specific assistance. They can provide insights into why certain configurations might cause issues in your environment.
    • Cisco Community Forums: Often, other users or Cisco experts may have encountered similar issues and can provide additional context or solutions.
  2. Configuration Examples:
    • Example Configurations: Cisco LISP Configuration Examples
    • Cisco Configuration Guides: Look for examples related to your specific configuration setup. Sometimes, deployment guides or configuration examples from Cisco’s documentation can shed light on specific options like nbr-proxy-reply requests.

Also another option (if you have time (LOOL), and nothing better to do (Double LOOL) Additional Resources:

    • Books and eBooks: Cisco-related books or eBooks might have chapters dedicated to advanced LISP configurations and common issues.
    • Technical Blogs: Sometimes, network engineers share their configurations and troubleshooting steps in blogs which might include information about less common configuration options.

Summary

For documentation and further understanding of nbr-proxy-reply requests 3:

  • Check Cisco’s LISP configuration guides and feature documentation.
  • Utilize Cisco Support and Community forums for expert advice.
  • Explore configuration examples and technical resources related to LISP.

If nbr-proxy-reply requests 3 is causing issues, it’s essential to verify whether this setting is appropriate for your deployment scenario or if other configurations might better suit your needs.

I hope my response was helpful and provided some clarity on the situation!

E.S

more Cisco?!
more Gym?!

View solution in original post

hina316
Level 1
Level 1

Hello @Enes Simnica 

Thank you for your reply.

I also have a question about nbr-proxy-reply requests 3.
I am guessing that nbr is a command that looks for neigbhor such as ospf or bgp.
This is also a guess, but I think that the adjacent device (L3SW) will not reply to the arp-request within the standard number of times.
It seems that the adjacent device (L3SW) does not respond to the arp-request within the standard number of times, so it is possible that the threshold is set to “no” and the command is disabled.
Therefore, it seems as if the communication is working by disabling the arp-request without this threshold.

I selected all LISP in features from Cisco Feature Navigator.
No Rows to show” and no useful information was found.

LISP Configuration Guide was not listed either.
Cisco IOS IP Routing: LISP Command Reference - LISP Interface Configuration Commands [Support] - Cisco

This command was only listed on the following web site,
I could not find any detailed information about the command.
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_lisp/command/ip-lisp-cr-book/lisp-if-config-cmds.html

Again, I ask about the function and config of this command, which is new in the Community.

View solution in original post

6 Replies 6

Enes Simnica
Level 1
Level 1

Hello @hina316.

Based on your network configuration and the use of LISP for VM migration between data centers, it seems like you're experiencing communication issues due to the default gateway (DGW) configuration and how LISP interacts with your Layer 3 switches. Here are a few points to consider and possible solutions:

Analysis

  1. Default Gateway Configuration: The DGW can be either LISP-RT1 (.250) or the L3SW (.254). The communication patterns vary depending on which device is serving as the DGW.
  2. LISP Functionality: LISP (Locator/ID Separation Protocol) is designed to separate the location and identity of devices in a network, facilitating mobility and easier routing between different segments.
  3. Communication Issues: The specific communication issues you're facing (like 10.1.0.100 ⇔ 10.2.0.200 not working) indicate potential routing issues or misconfigurations in the LISP mappings or the Layer 3 switch configurations.

Possible Causes and Solutions

  1. LISP Configuration: Ensure that the LISP configuration is correct and that all EID (Endpoint Identifier) to RLOC (Routing Locator) mappings are properly defined. Both LISP routers should have updated mappings for all segments and VMs involved.
  2. Gateway Consistency:
    • When the DGW is LISP-RT1 (.250), LISP should handle the routing and encapsulation between segments, and the communication should work if LISP is correctly configured.
    • When the DGW is the L3SW (.254), ensure that the L3SW has proper routes to forward traffic to the LISP routers for inter-segment communication.
  3. Routing on L3 Switch:
    • Verify that the L3SW has static routes or dynamic routing protocols configured to forward traffic to the LISP routers for segments located in the other data center.
    • Example static route configuration on the L3SW:

ip route 10.2.0.0 255.255.255.0 <LISP-RT1 IP>

ip route 10.1.0.0 255.255.255.0 <LISP-RT2 IP>

  1. LISP Mobility Handling:
    • Ensure that the LISP routers are correctly configured to handle VM mobility between DC1 and DC2. They should update their mappings and inform each other when a VM moves.
    • Example LISP configuration:

router lisp

  eid-table default

    database-mapping 10.1.0.0/24 locator-set DC1

    database-mapping 10.2.0.0/24 locator-set DC2

  instance-id 0

    dynamic-eid VM-Mobility

    database-mapping 10.1.0.0/24 locator-set DC1

    database-mapping 10.2.0.0/24 locator-set DC2

    map-server

    map-resolver

  1. NAT and Firewall Rules:
    • Check for any NAT or firewall rules that might be affecting communication between segments. Ensure that traffic between DC1 and DC2 is allowed and correctly routed.

 

Verification Steps

  1. Ping Tests:
    • Perform ping tests from various points in the network to verify connectivity.
    • Use traceroute to see the path taken by packets and identify where they might be getting dropped.
  2. LISP Map-Cache:
    • Verify the LISP map-cache entries on the LISP routers to ensure they have correct and updated information about the VM locations.
    • Example command:

show lisp eid-table vrf default ipv4 map-cache

  1. Routing Tables:
    • Check the routing tables on both L3SW and LISP routers to ensure routes are correctly pointing to the desired locations.
    • Example command:

show ip route

By following these steps and verifying the configurations, you should be able to identify the root cause of the communication issues and resolve them. If problems persist, detailed logs and configurations may be needed for a deeper analysis.

 

E.S

 

more Cisco?!
more Gym?!

Hello @Enes Simnica 

Thank you for your response.
I have considered writing a route on a stick,
I can't write the routing because the devices on this configuration are on the same segment.

When the GW of terminal1 is set to 10.1.0.254, arp-request from L3SW to LISP-RT1
is sent from L3SW to LISP-RT1, but there is no response to the request.

The devices on this configuration are on the same segment.
IP configuration for segment 10.1.0.0/24
terminal1 10.1.0.100/24
L3SW 10.1.0.254
LISP-RT1 10.1.0.250
terminal2 10.1.0.200/24

IP configuration for the 10.2.0.0/24 segment
terminal1 10.2.0.100/24
L3SW 10.2.0.254
LISP-RT1 10.2.0.250
terminal2 10.2.0.200/24

Enes Simnica
Level 1
Level 1

Hey there @hina316 

Given the situation you've described, where ARP requests are not receiving responses and all devices are on the same network segment, here’s a structured approach to troubleshooting that aligns with the problem, and I think this one should solve the issue..

Recommended Troubleshooting Steps

  1. Verify ARP Configuration and Responses:
    • Check ARP Responses: Confirm that LISP-RT1 is correctly configured with the IP address 10.1.0.250 and is on the correct segment (10.1.0.0/24). If it’s not responding to ARP requests, ensure that it's correctly configured to respond to requests on that subnet.
    • Clear ARP Cache: On the L3 switch, clear the ARP cache and retry to ensure there are no stale ARP entries: clear arp-cache
  1. IP Configuration Verification:
    • Unique IP Addresses: Make sure there are no IP address conflicts on the segment. Each device should have a unique IP address.
    • Ping Test: Perform a ping test to verify connectivity:

ping 10.1.0.250

    • Traceroute: Use traceroute to ensure that packets are reaching LISP-RT1 and that there are no issues in the path:

traceroute 10.1.0.250

  1. Check LISP Configuration:
    • Verify Configuration: Ensure that LISP-RT1 is correctly configured and active. Check LISP mappings to ensure that the router is correctly handling traffic for the segment:

show lisp eid-table ipv4 map-cache

  1. Segment and VLAN Verification:
    • Confirm Same Segment: Double-check that all devices are indeed on the same broadcast segment or VLAN. VLAN mismatches can cause ARP issues.

 

  1. Inspect Filtering and Security Settings:
    • Firewall and ACLs: Ensure there are no firewall rules or ACLs that might be blocking ARP requests or responses.
  2. Use Network Tools:
    • Network Sniffing: Use a network sniffer like Wireshark to capture ARP traffic and analyze if ARP requests are being sent and if responses are being received.
  3. Device Health Check:
    • Physical Layer Check: Ensure all devices are operational and properly connected. Physical issues can sometimes lead to network problems.

Example Commands

  • Clear ARP Cache:

clear arp-cache

  • Check ARP Table:

show arp

  • Ping and Traceroute:

ping 10.1.0.250

traceroute 10.1.0.250

  • Check LISP Mappings:

show lisp eid-table ipv4 map-cache

 

This structured approach should help you systematically identify and resolve the issue with ARP requests not being responded to in your setup. By focusing on ARP configuration, IP settings, LISP configurations, segment verification, and potential network filters, you should be able to pinpoint the problem and take corrective actions. 

E.S

 

more Cisco?!
more Gym?!

Hello @Enes Simnica 
Thank you for your detailed explanation on how to troubleshoot the problem.

As a result of our isolation, we are applying Dynamic-EID in LISP.
“lisp mobility subnet1” option ”nbr-proxy-reply requests 3
I was able to confirm communication by deleting the option “nbr-proxy-reply requests 3” of “lisp mobility subnet1”.

interface GigabitEthernet0/0/1
no ip address
negotiation auto
lisp mobility subnet1 nbr-proxy-reply requests 3 ← Here
no mop enabled
no mop sysid

I used the config shown on this site as a base for this project.
https://www.cisco.com/c/en/us/td/docs/routers/C8000V/Azure/deploying-cisco-catalyst-8000v-on-microsoft-azure/configure-l2- extension-for-public-cloud.html

nbr-proxy-reply requests 3” set as an option
I am looking for it in the documentation on the web, but I can't find it.
Is there any documentation that can help us with this?

Hello @hina316,

ur welcome!

It sounds like you’re dealing with LISP (Locator/ID Separation Protocol) configuration issues related to nbr-proxy-reply requests in your mobility subnet setup. If removing the nbr-proxy-reply requests 3 configuration resolves your communication issues, it suggests that the option might not be suited for your specific deployment or network setup.

Understanding nbr-proxy-reply requests

The nbr-proxy-reply requests command in LISP is used to configure the behavior of LISP routers in relation to proxy replies for neighbor discovery requests. Specifically, nbr-proxy-reply requests 3 would be a setting influencing how the LISP router handles or responds to neighbor discovery requests.

Would say check LISP config guide, like Cisco platform or Ios version (usually you will find great info...)

Also check Cisco Feature Navigator: Use Cisco's Feature Navigator tool to find specific features and their documentation.

  1. Cisco Support and Community:
    • Cisco Support: Engage with Cisco support for detailed, platform-specific assistance. They can provide insights into why certain configurations might cause issues in your environment.
    • Cisco Community Forums: Often, other users or Cisco experts may have encountered similar issues and can provide additional context or solutions.
  2. Configuration Examples:
    • Example Configurations: Cisco LISP Configuration Examples
    • Cisco Configuration Guides: Look for examples related to your specific configuration setup. Sometimes, deployment guides or configuration examples from Cisco’s documentation can shed light on specific options like nbr-proxy-reply requests.

Also another option (if you have time (LOOL), and nothing better to do (Double LOOL) Additional Resources:

    • Books and eBooks: Cisco-related books or eBooks might have chapters dedicated to advanced LISP configurations and common issues.
    • Technical Blogs: Sometimes, network engineers share their configurations and troubleshooting steps in blogs which might include information about less common configuration options.

Summary

For documentation and further understanding of nbr-proxy-reply requests 3:

  • Check Cisco’s LISP configuration guides and feature documentation.
  • Utilize Cisco Support and Community forums for expert advice.
  • Explore configuration examples and technical resources related to LISP.

If nbr-proxy-reply requests 3 is causing issues, it’s essential to verify whether this setting is appropriate for your deployment scenario or if other configurations might better suit your needs.

I hope my response was helpful and provided some clarity on the situation!

E.S

more Cisco?!
more Gym?!

hina316
Level 1
Level 1

Hello @Enes Simnica 

Thank you for your reply.

I also have a question about nbr-proxy-reply requests 3.
I am guessing that nbr is a command that looks for neigbhor such as ospf or bgp.
This is also a guess, but I think that the adjacent device (L3SW) will not reply to the arp-request within the standard number of times.
It seems that the adjacent device (L3SW) does not respond to the arp-request within the standard number of times, so it is possible that the threshold is set to “no” and the command is disabled.
Therefore, it seems as if the communication is working by disabling the arp-request without this threshold.

I selected all LISP in features from Cisco Feature Navigator.
No Rows to show” and no useful information was found.

LISP Configuration Guide was not listed either.
Cisco IOS IP Routing: LISP Command Reference - LISP Interface Configuration Commands [Support] - Cisco

This command was only listed on the following web site,
I could not find any detailed information about the command.
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_lisp/command/ip-lisp-cr-book/lisp-if-config-cmds.html

Again, I ask about the function and config of this command, which is new in the Community.

Review Cisco Networking for a $25 gift card