Enthusiast

Nexus 9k and Route Table confusion

I have deployed a pair of Cisco Nexus 93180 in vPC. I am routing using OSPF and BGP. I have noticed that when I do a show ip route the only default route I see is via the mgmt0 interface, but this interface sits as part of the vrf management, so I am not sure why it's showing in the route table that is made for the "default" vrf.

 

My route table should be learning the default route via iBGP and when I do a show ip route 0.0.0.0, I do see the routes that are learned via BGP in this output along with the default route for mgmt. 

 

I am not sure why this is. I am also trying to import this default route from the global route table to another vrf, but it doesn't seem to be working, and I am pretty sure it's because the global route table doesn't see the default routes.

 

Ideas on this?

 

93180-01# show ip route
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>

0.0.0.0/0, ubest/mbest: 1/0
*via 10.20.63.1%management, mgmt0, [1/0], 4d03h, static
10.0.2.0/24, ubest/mbest: 1/0
*via 10.53.100.138, Vlan3001, [110/1], 00:09:31, ospf-CDE, type-2, tag 3489701820
10.0.3.0/24, ubest/mbest: 1/0
*via 10.53.100.138, Vlan3001, [110/1], 00:09:31, ospf-CDE, type-2, tag 3489701820
10.0.4.0/24, ubest/mbest: 1/0
*via 10.53.100.138, Vlan3001, [110/1], 00:09:31, ospf-CDE, type-2, tag 3489701820
10.5.128.0/23, ubest/mbest: 1/0
*via 10.53.100.138, Vlan3001, [110/20], 00:09:31, ospf-CDE, type-2
10.10.18.0/24, ubest/mbest: 1/0
*via 10.53.100.138, Vlan3001, [110/1], 00:09:31, ospf-CDE, type-2, tag 3489701820
10.20.0.0/24, ubest/mbest: 2/0
*via 172.16.63.1, [200/0], 00:09:22, bgp-65001, internal, tag 65001
*via 172.16.63.2, [200/0], 00:09:14, bgp-65001, internal, tag 65001
10.20.1.0/24, ubest/mbest: 2/0
*via 172.16.63.1, [200/0], 00:09:22, bgp-65001, internal, tag 65001
*via 172.16.63.2, [200/0], 00:09:14, bgp-65001, internal, tag 65001

 

 

93180-01# show ip route 0.0.0.0
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>

0.0.0.0/0, ubest/mbest: 1/0
*via 10.20.63.1%management, mgmt0, [1/0], 4d03h, static
via 172.16.63.4, [200/0], 00:10:09, bgp-65001, internal, tag 65001
via 172.16.63.3, [200/0], 00:10:09, bgp-65001, internal, tag 65001

 

 

3 REPLIES
Cisco Employee

Re: Nexus 9k and Route Table confusion

Seems like you are route leaking the default route from the management VRF. Can you share the running config showing static routes?

 

93180-01# show ip route
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>

0.0.0.0/0, ubest/mbest: 1/0
*via 10.20.63.1%management, mgmt0, [1/0], 4d03h, static .  <<<<<<<< 

 

The above static indicates that there is a static route and the NH is in management VRF.

 

Thanks
--Vinit
Enthusiast

Re: Nexus 9k and Route Table confusion

 

!Command: show running-config
!Running configuration last done at: Mon Sep 9 19:26:43 2019
!Time: Tue Sep 10 06:04:42 2019

version 7.0(3)I7(6) Bios:version 07.65
hostname BNA-CDE-HSA-93180-01
vdc BNA-CDE-HSA-93180-01 id 1
limit-resource vlan minimum 16 maximum 4094
limit-resource vrf minimum 2 maximum 4096
limit-resource port-channel minimum 0 maximum 511
limit-resource u4route-mem minimum 248 maximum 248
limit-resource u6route-mem minimum 96 maximum 96
limit-resource m4route-mem minimum 58 maximum 58
limit-resource m6route-mem minimum 8 maximum 8

feature tacacs+
cfs eth distribute
feature ospf
feature bgp
feature interface-vlan
feature hsrp
feature lacp
feature vpc
feature lldp
clock timezone CST -6 0
clock summer-time CST 2 Sun Mar 02:00 1 Sun Nov 02:00 60

username admin password 5 
username cpitech password 5 
ip domain-lookup
tacacs-server host 10.20.0.85 key 7
tacacs-server host 10.81.3.25 key 7
aaa group server tacacs+ TACACS
server 10.20.0.85
server 10.81.3.25
deadtime 1
source-interface mgmt0
interface breakout module 1 port 49-54 map 10g-4x
ip access-list SNMP_ACL
statistics per-entry
5 permit ip 192.168.1.100/32 any
10 permit ip 10.20.0.77/32 any
15 permit ip 10.81.3.249/32 any
70 deny ip any any
ip access-list SSH_ACL
5 permit tcp 10.20.0.150/32 any
10 permit tcp 10.81.3.249/32 any
20 permit tcp 10.81.3.250/32 any
30 permit tcp 10.20.0.151/32 any
70 deny ip any any
copp profile strict
snmp-server source-interface traps mgmt0
snmp-server source-interface informs mgmt0
rmon event 1 log trap public description FATAL(1) owner PMON@FATAL
rmon event 2 log trap public description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 log trap public description ERROR(3) owner PMON@ERROR
rmon event 4 log trap public description WARNING(4) owner PMON@WARNING
rmon event 5 log trap public description INFORMATION(5) owner PMON@INFO
aaa authentication login default group TACACS local
aaa authentication login console group TACACS local
aaa authorization ssh-certificate default group TACACS
aaa authorization config-commands default group TACACS local
aaa authorization commands default group TACACS local
aaa authorization config-commands console group TACACS local
aaa authorization commands console group TACACS local
aaa accounting default group TACACS local
tacacs-server directed-request

vlan 1,998-999,3000-3001,3500-3503,3529-3530
vlan 998
name BLACKHOLE
vlan 999
name NATIVE
vlan 3000
name ASA_FAILOVER
vlan 3001
name ROUTED_LINK_TO_ASA
vlan 3500
name CDE_PROD_SRVS_10.21.0.0_24
vlan 3501
name CDE_PROD_SRVS_10.21.1.0_24
vlan 3502
name CDE_PROD_SRVS_10.21.2.0_24
vlan 3503
name CDE_PROD_FLR_10.21.3.0_24
vlan 3529
name IDRAC_MGMT_10.21.29.0_24
vlan 3530
name VMWARE_MGMT_10.21.30.0_24

spanning-tree port type edge default
spanning-tree port type edge bpduguard default
ip prefix-list ALLOW_DEFAULT_ROUTE seq 5 permit 0.0.0.0/0
ip prefix-list CDE_PROD_TO_GRT seq 5 permit 10.21.0.0/24
ip prefix-list CDE_PROD_TO_GRT seq 10 permit 10.21.1.0/24
ip prefix-list CDE_PROD_TO_GRT seq 15 permit 10.21.2.0/24
ip prefix-list CDE_PROD_TO_GRT seq 20 permit 10.21.3.0/24
ip prefix-list CDE_PROD_TO_GRT seq 25 permit 10.21.29.0/24
ip prefix-list CDE_PROD_TO_GRT seq 30 permit 10.21.30.0/24
ip prefix-list FILTER-CONNECTED seq 5 permit 172.16.63.30/32
route-map CDE_PROD_TO_GRT permit 10
match ip address prefix-list CDE_PROD_TO_GRT
route-map FILTER-CONNECTED permit 10
match ip address prefix-list FILTER-CONNECTED
route-map GLOBAL_TO_VRF permit 10
match ip address prefix-list ALLOW_DEFAULT_ROUTE
vrf context CDE_PROD
rd 65000:3500
address-family ipv4 unicast
route-target import 65001:3500
route-target export 65001:3500
export map CDE_PROD_TO_GRT
import map GLOBAL_TO_VRF
vrf context management
ip route 0.0.0.0/0 10.20.63.1
vpc domain 1
peer-switch
role priority 1
peer-keepalive destination 100.100.100.2 source 100.100.100.1 vrf default
peer-gateway
layer3 peer-router
no layer3 peer-router syslog
ip arp synchronize


interface Vlan1

interface Vlan3001
no shutdown
no ip redirects
ip address 10.53.100.140/29
no ipv6 redirects
no ip ospf passive-interface
ip ospf mtu-ignore
ip router ospf CDE area 0.0.0.0

interface Vlan3500
no shutdown
vrf member CDE_PROD
no ip redirects
ip address 10.21.0.2/24
no ipv6 redirects
ip ospf passive-interface
hsrp version 2
hsrp 3500
preempt delay minimum 30 reload 30
priority 110
ip 10.21.0.1

interface Vlan3501
no shutdown
vrf member CDE_PROD
no ip redirects
ip address 10.21.1.2/24
no ipv6 redirects
ip ospf passive-interface
hsrp version 2
hsrp 3501
preempt delay minimum 30 reload 30
priority 110
ip 10.21.1.1

interface Vlan3502
no shutdown
vrf member CDE_PROD
no ip redirects
ip address 10.21.2.2/24
no ipv6 redirects
ip ospf passive-interface
hsrp version 2
hsrp 3502
preempt delay minimum 30 reload 30
priority 110
ip 10.21.2.1

interface Vlan3503
no shutdown
vrf member CDE_PROD
no ip redirects
ip address 10.21.3.2/24
no ipv6 redirects
ip ospf passive-interface
hsrp version 2
hsrp 3503
preempt delay minimum 30 reload 30
priority 110
ip 10.21.3.1

interface Vlan3529
no shutdown
vrf member CDE_PROD
no ip redirects
ip address 10.21.29.2/24
no ipv6 redirects
ip ospf passive-interface
hsrp version 2
hsrp 3529
preempt delay minimum 30 reload 30
priority 110
ip 10.21.29.1

interface Vlan3530
no shutdown
vrf member CDE_PROD
no ip redirects
ip address 10.21.30.2/24
no ipv6 redirects
ip ospf passive-interface
hsrp version 2
hsrp 3530
preempt delay minimum 30 reload 30
priority 110
ip 10.21.30.1

interface port-channel2
switchport
switchport mode trunk
switchport trunk allowed vlan 3001
vpc 2

interface port-channel3
switchport
switchport mode trunk
switchport trunk allowed vlan 3001
vpc 3

interface port-channel25
description VPC PEER-LINK
switchport
switchport mode trunk
spanning-tree port type network
vpc peer-link

interface port-channel200
description VPC TO BNA-HSA-F10-AGG-A1
switchport
switchport mode trunk
switchport trunk native vlan 999
vpc 200

interface port-channel201
description VPC TO BNA-HSA-F10-AGG-B1
switchport
switchport mode trunk
switchport trunk native vlan 999
vpc 201

interface port-channel202
description VPC TO BNA-HSA-F10-AGG-A2
switchport
switchport mode trunk
switchport trunk native vlan 999
vpc 202

interface port-channel203
description VPC TO BNA-HSA-F10-AGG-B2
switchport
switchport mode trunk
switchport trunk native vlan 999
vpc 203

interface Ethernet1/1
description BNA-CDE-EDGE-ASA_FAILOVER
switchport
switchport access vlan 3000
no shutdown

interface Ethernet1/2
description DELL E1000 CMC
switchport
switchport access vlan 3529
no shutdown

interface Ethernet1/3

interface Ethernet1/4

interface Ethernet1/5

interface Ethernet1/6

interface Ethernet1/7

interface Ethernet1/8

interface Ethernet1/9

interface Ethernet1/10

interface Ethernet1/11

interface Ethernet1/12

interface Ethernet1/13

interface Ethernet1/14

interface Ethernet1/15

interface Ethernet1/16

interface Ethernet1/17

interface Ethernet1/18

interface Ethernet1/19

interface Ethernet1/20

interface Ethernet1/21

interface Ethernet1/22

interface Ethernet1/23

interface Ethernet1/24

interface Ethernet1/25

interface Ethernet1/26

interface Ethernet1/27

interface Ethernet1/28

interface Ethernet1/29

interface Ethernet1/30

interface Ethernet1/31

interface Ethernet1/32

interface Ethernet1/33
no shutdown

interface Ethernet1/34
no shutdown

interface Ethernet1/35

interface Ethernet1/36

interface Ethernet1/37

interface Ethernet1/38

interface Ethernet1/39

interface Ethernet1/40

interface Ethernet1/41

interface Ethernet1/42
description UPLINK TO BNA-HSA-MGMT-2960-01 (Gi1/0/49)
switchport
switchport mode trunk
switchport trunk native vlan 999
switchport trunk allowed vlan 200,763,999
no shutdown

interface Ethernet1/43
switchport
switchport mode trunk
switchport trunk allowed vlan 3001
channel-group 2 mode active
no shutdown

interface Ethernet1/44
switchport
switchport mode trunk
switchport trunk allowed vlan 3001
channel-group 3 mode active
no shutdown

interface Ethernet1/45
no shutdown

interface Ethernet1/46
ip address 100.100.100.1/30
no shutdown

interface Ethernet1/47
description UPLINK TO BNA-HSA-93180-02 (Eth1/47)
switchport
switchport mode trunk
channel-group 25 mode active
no shutdown

interface Ethernet1/48
description UPLINK TO BNA-HSA-93180-02 (Eth1/48)
switchport
switchport mode trunk
channel-group 25 mode active
no shutdown

interface Ethernet1/49/1
description UPLINK TO BNA-HSA-F10-AGG-A1 (Te0/51)
switchport
switchport mode trunk
switchport trunk native vlan 999
channel-group 200 mode active
no shutdown

interface Ethernet1/49/2
description UPLINK TO BNA-HSA-F10-AGG-B1 (Te0/51)
switchport
switchport mode trunk
switchport trunk native vlan 999
channel-group 201 mode active
no shutdown

interface Ethernet1/49/3
description UPLINK TO BNA-HSA-F10-AGG-A2 (Te0/51)
switchport
switchport mode trunk
switchport trunk native vlan 999
channel-group 202 mode active
no shutdown

interface Ethernet1/49/4
description UPLINK TO BNA-HSA-F10-AGG-B2 (Te0/51)
switchport
switchport mode trunk
switchport trunk native vlan 999
channel-group 203 mode active
no shutdown

interface Ethernet1/50/1

interface Ethernet1/50/2

interface Ethernet1/50/3

interface Ethernet1/50/4

interface Ethernet1/51/1

interface Ethernet1/51/2

interface Ethernet1/51/3

interface Ethernet1/51/4

interface Ethernet1/52/1

interface Ethernet1/52/2

interface Ethernet1/52/3

interface Ethernet1/52/4

interface Ethernet1/53/1

interface Ethernet1/53/2

interface Ethernet1/53/3

interface Ethernet1/53/4

interface Ethernet1/54/1

interface Ethernet1/54/2

interface Ethernet1/54/3

interface Ethernet1/54/4

interface mgmt0
vrf member management
ip address 10.20.63.130/24

interface loopback0
ip address 172.16.63.30/32
ip ospf mtu-ignore
ip router ospf CDE area 0.0.0.0
cli alias name wr copy run start
line console
line vty
access-class SSH_ACL in
boot nxos bootflash:/nxos.7.0.3.I7.6.bin
router ospf CDE
router-id 172.16.63.30
passive-interface default
router bgp 65001
router-id 172.16.63.30
address-family ipv4 unicast
maximum-paths ibgp 2
neighbor 10.53.0.2
remote-as 65001
update-source loopback0
address-family ipv4 unicast
soft-reconfiguration inbound always
neighbor 10.53.100.138
remote-as 65001
update-source loopback0
address-family ipv4 unicast
soft-reconfiguration inbound always
neighbor 172.16.63.1
remote-as 65001
update-source loopback0
address-family ipv4 unicast
soft-reconfiguration inbound always
neighbor 172.16.63.2
remote-as 65001
update-source loopback0
address-family ipv4 unicast
soft-reconfiguration inbound always
neighbor 172.16.63.3
remote-as 65001
update-source loopback0
address-family ipv4 unicast
soft-reconfiguration inbound always
neighbor 172.16.63.4
remote-as 65001
update-source loopback0
address-family ipv4 unicast
soft-reconfiguration inbound always
neighbor 172.16.63.20
remote-as 65001
update-source loopback0
address-family ipv4 unicast
soft-reconfiguration inbound always
neighbor 172.16.63.40
remote-as 65001
update-source loopback0
address-family ipv4 unicast
soft-reconfiguration inbound always
vrf CDE_PROD
address-family ipv4 unicast
network 10.21.0.0/24
network 10.21.1.0/24
network 10.21.2.0/24
network 10.21.3.0/24
network 10.21.29.0/24
network 10.21.30.0/24
aggregate-address 10.21.0.0/19 summary-only
maximum-paths ibgp 2

logging server 10.20.0.42 5 port 10514 use-vrf management


BNA-CDE-HSA-93180-01#

Enthusiast

Re: Nexus 9k and Route Table confusion

It seems to show with a show ip route detail...but still showing the mgmt route in the default route table.

BNA-CDE-HSA-93180-01# show ip route detail
IP Route Table for VRF "default"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>

0.0.0.0/32, ubest/mbest: 1/0
*via Null0, [220/0], 4d15h, broadcast, discard
127.0.0.0/8, ubest/mbest: 1/0
*via Null0, [220/0], 4d15h, broadcast, discard
255.255.255.255/32, ubest/mbest: 1/0
*via sup-eth1, [0/0], 4d15h, broadcast
0.0.0.0/0, ubest/mbest: 1/0
*via 10.20.63.1%management, mgmt0, [1/0], 4d15h, static
via 172.16.63.4, [200/0], 12:31:29, bgp-65001, internal, tag 65001
client-specific data: d
recursive next hop: 172.16.63.4/32
extended route information: BGP origin AS 65001 BGP peer AS 65001
via 172.16.63.3, [200/0], 12:31:29, bgp-65001, internal, tag 65001
client-specific data: d
recursive next hop: 172.16.63.3/32
extended route information: BGP origin AS 65001 BGP peer AS 65001
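
The %management suffix that the first reply points at can be checked for mechanically when auditing whether a management VRF stays separated from the data-plane tables. The following is an added example, not part of the original thread: a Python parser (function names are illustrative) that reads NX-OS show ip route text and reports every best next hop that resolves in a different VRF than the table it is installed in, along with the route sources it outranks. The sample input is copied from the output quoted in the thread.

```python
import re

# Constructed input: lines copied from the "show ip route" output quoted in this thread.
SAMPLE = """\
IP Route Table for VRF "default"

0.0.0.0/0, ubest/mbest: 1/0
*via 10.20.63.1%management, mgmt0, [1/0], 4d03h, static
via 172.16.63.4, [200/0], 00:10:09, bgp-65001, internal, tag 65001
via 172.16.63.3, [200/0], 00:10:09, bgp-65001, internal, tag 65001
10.0.2.0/24, ubest/mbest: 1/0
*via 10.53.100.138, Vlan3001, [110/1], 00:09:31, ospf-CDE, type-2, tag 3489701820
"""

TABLE_RE = re.compile(r'^IP Route Table for VRF "([^"]+)"')
PREFIX_RE = re.compile(r"^(\d+\.\d+\.\d+\.\d+/\d+), ubest/mbest:")
VIA_RE = re.compile(r"^\s*(\*{0,2})via ([^,%\s]+)(?:%([^,\s]+))?,(.*)$")

def parse_next_hops(text):
    """Return one dict per 'via' line, tagged with table VRF and next-hop VRF."""
    table_vrf, prefix, hops = None, None, []
    for line in text.splitlines():
        if m := TABLE_RE.match(line):
            table_vrf = m.group(1)
        elif m := PREFIX_RE.match(line):
            prefix = m.group(1)
        elif prefix and (m := VIA_RE.match(line)):
            fields = [f.strip() for f in m.group(4).split(",")]
            # After the next hop: [interface,] [preference/metric], age, source, ...
            i = next((n for n, f in enumerate(fields) if f.startswith("[")), None)
            if i is None or i + 2 >= len(fields):
                continue
            hops.append({"table_vrf": table_vrf, "prefix": prefix,
                         "best": bool(m.group(1)), "next_hop": m.group(2),
                         "nh_vrf": m.group(3) or table_vrf,
                         "preference": int(fields[i][1:].split("/")[0]),
                         "source": fields[i + 2]})
    return hops

def cross_vrf_findings(text):
    """Best next hops that resolve in another VRF, plus the sources they outrank."""
    hops = parse_next_hops(text)
    return [(h["prefix"], h["next_hop"], h["nh_vrf"], h["preference"],
             sorted({o["source"] for o in hops
                     if o["prefix"] == h["prefix"] and not o["best"]}))
            for h in hops if h["best"] and h["nh_vrf"] != h["table_vrf"]]

if __name__ == "__main__":
    print(cross_vrf_findings(SAMPLE))
```

On the thread's output this reports the 0.0.0.0/0 static with preference 1 pointing into VRF management as the best path, with the two bgp-65001 paths (preference 200) listed as the sources it outranks.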