Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1070
Views
4
Helpful
5
Replies

Help verifying SD-WAN OMP routing from CLI

Go to solution
bmcgahan
Level 1
Level 1

‎05-11-2024 05:57 AM

Does anyone know if there is a CLI equivalent to show ip cef for doing an SD-WAN/OMP lookup?

I'm looking for a command that will fully resolve the OMP learned destination to the local IPsec tunnels, showing the full recursive lookup.

In the attached screenshot, OMP tells me that the prefix 192.168.33.0/24 is learned via TLOC 172.17.3.3, on both colors mpls and biz-internet.

BFD shows that I have 2 tunnels going to TLOC 172.17.3.3, one to mpls, one to biz-internet.

Is there one command that wraps this all together, where if you lookup 1.2.3.4/32 it will show you recurse to IPsec tunnels 1 & 2 at next-hops X & Y ?

TIA!

Brian

SD-WAN OMP VerificationsSD-WAN OMP Verifications

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
MHM Cisco World
VIP
VIP

‎05-11-2024 02:25 PM

Show ip cef is not include OMP routes

You can use for cedge 

Show sdwan ip fib 

To check omp in routing table

MHM

View solution in original post

5 Replies 5

Go to solution
Kanan Huseynli
VIP
VIP

‎05-11-2024 02:22 PM

Hi,

good question. Unfortunately there is no single command.

Normally, you need to check show ip route which shows remote primary SD-WAN routers (172.17.3.3 is system IP of the router), basically you immediately understand that where it will be forwarded by routing. Then to understand actual remote interfaces (i.e TLOC) you can check OMP table via show sdwan omp vpn [vrf-id] [prefix/prefix length] which shows accepted and installed (C,I,R) OMP routes (in reality, show ip route is derived from show sdwan omp route). Then you need to check which BFDs you have towards remote TLOCs.

Also, if you have data policy or application aware routing, you need to check additional outputs.

show sdwan policy service-path vpn [rest of command] with "all" keyword can be used to understand actual tunnel for specific traffic pattern.

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

Go to solution
bmcgahan
Level 1
Level 1
In response to Kanan Huseynli

‎05-12-2024 06:14 AM

Good one to know, thanks Kanan!

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP

‎05-11-2024 02:25 PM

Show ip cef is not include OMP routes

You can use for cedge 

Show sdwan ip fib 

To check omp in routing table

MHM

Go to solution
bmcgahan
Level 1
Level 1
In response to MHM Cisco World

‎05-12-2024 06:08 AM

Thanks, this is exactly what I was looking for!

0 Helpful

Go to solution
Kanan Huseynli
VIP
VIP

‎05-11-2024 02:31 PM - edited ‎05-11-2024 02:31 PM

In addition to, to understand more about SD-WAN routing and troubleshooting of it I suggest "Advanced SD-WAN Routing Troubleshooting – BRKENT-3793" Ciscolive session. Also "Cisco SD-WAN - Hidden Complexity Revealed" beginning from page 44, it is described what you asked. Both are great sessions.

P.S Ciscolive sessions indeed are great, you get more info which not present in documentations. Without ciscolive sessions, I'd not be SD-WAN Community VIP

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card