Buy or Renew
Buy or Renew
Register Here! - Join us 11/13 for the "Navigating DHCP Processes in SD-Access Network" Community Live event
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1310
Views
12
Helpful
10
Replies

lisp pubsub diagnosis & t/s

Go to solution
Andrii Oliinyk
VIP
VIP

‎09-28-2023 10:51 AM - edited ‎09-28-2023 11:13 AM

team
please share any relevant source which would include diagnosis of the dynamic border from the edge node perspective (i.e. identify preferred BN for L2 or L3 VN, identify tunnel carrying external to fabric traffic etc) ....
thanks

Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
jalejand
Cisco Employee
Cisco Employee

‎11-07-2023 01:18 AM

When a FE needs to encapsulate to a Border in VXLAN, the load balancing algorithm takes the inner header information (src-dst), it can either take BNx or BNy.

View solution in original post

10 Replies 10

Go to solution
jedolphi
Cisco Employee
Cisco Employee

‎10-01-2023 03:46 PM

Andy, please review these two presentations and then I'll try to respond to any outstanding questions you might have,

https://www.ciscolive.com/on-demand/on-demand-details.html?#/session/1686177770252001VXxo
https://www.ciscolive.com/on-demand/on-demand-library.html?#/session/1675722400509001tOYW

Go to solution
Andrii Oliinyk
VIP
VIP
In response to jedolphi

‎10-02-2023 09:16 AM - edited ‎10-02-2023 09:21 AM

Hi Jerom
from what i derived from docs there is only way to verify which BN is in use is to use "sho ip cef <prefix> vrf <VN>".
in our case we have 2 BNs & i can see in output both of them

EN0010#show ip cef vrf ENTERPRISE_VN 10.XX.1.YY de
10.0.0.0/9, epoch 0, flags [subtree context, check lisp eligibility], per-destination sharing
SC owned,sourced: LISP remote EID - locator status bits 0x00000000
LISP remote EID: 116934 packets 42241054 bytes fwd action encap
LISP source path list
nexthop 10.XYZ.0.1 LISP0.4099
nexthop 10.XYZ.0.2 LISP0.4099
2 IPL sources [no flags]
nexthop 10.XYZ.0.1 LISP0.4099
nexthop 10.XYZ.0.2 LISP0.4099

does it mean that we cannot say which BN terminates active VXLAN tunnel?
thanks

UPD. after reading i have little bit more Qs like "how 2 external/anywhere BNs synchronize their switching to remote BNs for internet termination when they lose their local internet breakouts one by one?" etc. But it's different story...

Go to solution
jalejand
Cisco Employee
Cisco Employee
In response to Andrii Oliinyk

‎10-12-2023 03:11 AM

Unfortunately, CEF next hop hashing is just the software side of things, even using "exact route" will not give you the exact hashing for a specific traffic flow, as that depends on the equal-cost routing implementation in each hardware platform.

There was a command for cat9k that was like "show pla hard fed sw active forward exact-route..." that can provide a more accurate result when it comes to hashing. Other than that, doing an EPC capture in each  egress underlay port can give you the encapsulation details of which border was elected

0 Helpful

Go to solution
Andrii Oliinyk
VIP
VIP

‎10-12-2023 03:50 AM - edited ‎10-12-2023 04:01 AM

ok... is there any mean to manipulate of the PETR "preference" from the Edge Node perspective within LISP-router configuration?

Go to solution
jedolphi
Cisco Employee
Cisco Employee
In response to Andrii Oliinyk

‎11-06-2023 10:27 PM

Yes, for the whole Fabric Site, not per Edge Node. In the SDA UI, on each Border Node, you can adjust the LISP Priority. If you change BN1 to LISP Priority 9 and leave BN2 as default (10), then BN1 will always be preferred over BN2. Regards, Jerome

Go to solution
Andrii Oliinyk
VIP
VIP
In response to jedolphi

‎11-07-2023 01:06 AM

Hi Jerom
what is tiebreaker if priorities are equal between 2 BNs? Or VXLAN-traffic just gets pinned to arbitrary BN based on the src-dst hash calculated & are the inner or outer src-dst used for hash?

Thanks

Go to solution
jalejand
Cisco Employee
Cisco Employee

‎11-07-2023 01:18 AM

When a FE needs to encapsulate to a Border in VXLAN, the load balancing algorithm takes the inner header information (src-dst), it can either take BNx or BNy.

Go to solution
Andrii Oliinyk
VIP
VIP
In response to jalejand

‎11-07-2023 01:29 AM - edited ‎11-07-2023 01:30 AM

is it the same for the L2-handoff traffic? we have a deployment with 2 BNs each both L3&L2-handoff, but whilst for L3-handoff both BNs are able to forward traffic from/to fabric site for the L2-handoff (gateway outside the fabric) only one of them is active at a time for VXLAN-to-L2 switching & vice versa. My concern is if EN hashes L2 traffic to L2-standby BN such a traffic gets dropped bc there is no L2-switching path for the L2VNs between BNs.

Go to solution
jalejand
Cisco Employee
Cisco Employee

‎11-07-2023 01:44 AM - edited ‎11-07-2023 01:46 AM

Overlay load balancing does not exist in L2 traffic, as one MAC registered by different ETRs is considered "mac-move". A destination MAC will always take the unicast routing path to the RLOC registering that MAC. 

There should not be a reason for the Fabric Edge to send traffic to the L2 "standby" BN in the first place (and if there it is, then we are talking about a L2 loop or a failure on duplicate address detection mechanisms in SD-Access).

 
 

 

 

Go to solution
Andrii Oliinyk
VIP
VIP
In response to jalejand

‎11-07-2023 01:49 AM

true. i should think about default gw's MAC for out-of-fabric traffic gets registered only by Active L2-h/o BN. shame...

Top