02-06-2015 01:16 AM - edited 03-07-2019 10:32 PM
Have I found a bug?
I have a L3 port-channel with one end in the global space and the other in a VRF. This works well on a 3750 but not a 6509, why?
I can ping the 10.119.12.5 address but not the 10.119.12.6 address even though they are supposedly directly connected. If this works on a 3750, why does it not work on a 6509?
02-06-2015 03:19 AM
What do you static routes look like ?
Jon
02-06-2015 06:32 AM
Jon
I have attached the complete route table (with a few public IP's removed). But as the port-channel is a connected route it will have better distance over statics. 6509_abv_routes.txt
It must be a bug surely?
02-06-2015 09:51 AM
I'm not following your route table.
Your VRF has a static default route pointing to the correct next hop ie. the global end of the port channel.
But the global routing table for all the 10.118.5.x IPs is pointing to 10.119.12.1 not 10.119.12.6 which is the VRF end of the port channel ?
Jon
02-07-2015 01:59 AM
Jon
The 10.118.5.x IPs point to the SVI on the 3750 otherwise the servers will be down because the etherchannel will not pass traffic. I want to set the next hop to 10.119.12.6 but I can't because the etherchannel is broken.
My question is why won't the etherchannel work, its a point to point link?
6509#ping 10.119.12.6
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.119.12.6, timeout is 2 seconds:
.....
02-07-2015 02:53 AM
Okay, that makes sense.
Edited - sorry you did say in your first post that you can ping the global end.
Don't know is the short answer because as far as I can see this should work.
Jon
02-07-2015 07:15 AM
Jon
I remove etherchannel and used L3 interfaces but still no ping. The 3750 works with etherchannel or L3 interfaces. But there is a difference.
The 3750 has a different MAC address per interface but the 6509 uses the same MAC per interface.
6509#sh arp | inc 10.119.12
Internet 10.119.12.1 100 88f0.77eb.cc47 ARPA Vlan400
Internet 10.119.12.2 - d0c7.89a8.b940 ARPA Vlan400
Internet 10.119.12.5 - d0c7.89a8.b940 ARPA GigabitEthernet1/2/ 40
Internet 10.119.12.6 0 Incomplete ARPA
Internet 10.119.12.9 - d0c7.89a8.b940 ARPA GigabitEthernet2/2/ 40
Internet 10.119.12.10 0 Incomplete ARPA
maybe this has something to do with the issue?
02-07-2015 08:25 AM
Try making one end of the link a L2 port and create a L3 SVI for it with the same IP as you had assigned to the etherchannel.
Use a new vlan for this.
Jon
02-09-2015 12:44 AM
Jon
Your suggestion will not work, here is the explanation and it is crazy!
I solved it, this might be useful for others. The 6509 behaves differently from a 3750 when assigning MAC addresses to interfaces. The 3750 uses the MAC address assigned to the interface, so each interface has a different MAC address.
The crazy part is the 6509 uses the MAC address of the supervisor for an SVI and a L3 (no switchport) interface but uses the BIA for a L2 interface. This stops routing when using VRF's because both ends have the same MAC address. The answer is it change the MAC address back using the interface command: mac-address H.H.H
02-09-2015 11:25 AM
Dave
Thanks for getting back and letting me know.
Jon
02-07-2015 04:08 AM
I just checked the IOS version you are running and for IOS 15 on the 6500 for VRF-Lite support you need a minimum of IP Services so perhaps that is why it is not working.
See this link for details -
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide