Solved: NX-7000 : Configuring the default-gateway - Page 2

Rosa Ladeira · ‎09-06-2011

I am trunking 6509 WS-SUP32-10GE-3B's link interface

Gi5/3 connected trunk a-full a-1000 10/100/1000BaseT

with nexus 7000 (N7K-M148GT-11) interface ethernet 2/48

Eth2/48 *** Trunk com 6509 connected trunk full 1000 10/100/1000

By now, NX7000 is working as a switch.

I have configured 2 NX2000 as interfaces of NX7000.

Each NX2000 has a host on port 1/1. Each host is in a different vlan.

As 6509 is, by now, routing I must set a default gateway to NX7000 even though hosts can't exchange info.

Question: how can I set a default gateway to NX7000 ?

Thanks

Rosa

Jerry Ye · ‎09-07-2011

Can you post the follow command output?

show ip route vrf management

and

ping 147.65.14.100 vrf management

ping 147.65.2.200 vrf management

Regards,

jerry

Rosa Ladeira · ‎09-07-2011

Smale# show ip route vrf management

IP Route Table for VRF "management"

'*' denotes best ucast next-hop

'**' denotes best mcast next-hop

'[x/y]' denotes [preference/metric]

192.168.14.0/24, ubest/mbest: 1/0, attached

*via 192.168.14.250, mgmt0, [0/0], 1d23h, direct

192.168.14.250/32, ubest/mbest: 1/0, attached

*via 192.168.14.250, mgmt0, [0/0], 1d23h, local

Smale#

Smale# ping 147.65.14.100 vrf management

PING 147.65.14.100 (147.65.14.100): 56 data bytes

ping: sendto 147.65.14.100 64 chars, No route to host

Request 0 timed out

ping: sendto 147.65.14.100 64 chars, No route to host

Request 1 timed out

ping: sendto 147.65.14.100 64 chars, No route to host

^C

--- 147.65.14.100 ping statistics ---

3 packets transmitted, 0 packets received, 100.00% packet loss

Smale#

Smale# ping 147.65.2.200 vrf management

PING 147.65.2.200 (147.65.2.200): 56 data bytes

ping: sendto 147.65.2.200 64 chars, No route to host

Request 0 timed out

ping: sendto 147.65.2.200 64 chars, No route to host

Request 1 timed out

ping: sendto 147.65.2.200 64 chars, No route to host

^C

--- 147.65.2.200 ping statistics ---

3 packets transmitted, 0 packets received, 100.00% packet loss

Smale#

Jerry Ye · ‎09-07-2011

I see the problem, you vrf management doesn't have a default route out to the rest of your network. Can you ping from your computer to any host in the 182.168.14.x network?

Here is how you put a default route in the management vrf:

vrf context management

ip route 0.0.0.0/0 192.168.14.x <- your default gateway IP

HTH,

jerry

Rosa Ladeira · ‎09-07-2011

Smale# conf t

Enter configuration commands, one per line. End with CNTL/Z.

Smale(config)# vrf context management

Smale(config-vrf)# ip route 0.0.0.0/0 192.168.14.254

Smale(config-vrf)# exit

Smale(config)# exit

Smale# copy running-config startup-config

[########################################] 100%

Smale#

Smale# show ip route vrf management

IP Route Table for VRF "management"

'*' denotes best ucast next-hop

'**' denotes best mcast next-hop

'[x/y]' denotes [preference/metric]

0.0.0.0/0, ubest/mbest: 1/0

*via 192.168.14.254, mgmt0, [1/0], 00:01:14, static

192.168.14.0/24, ubest/mbest: 1/0, attached

*via 192.168.14.250, mgmt0, [0/0], 2d00h, direct

192.168.14.250/32, ubest/mbest: 1/0, attached

*via 192.168.14.250, mgmt0, [0/0], 2d00h, local

Smale# ping 147.65.14.100

PING 147.65.14.100 (147.65.14.100): 56 data bytes

ping: sendto 147.65.14.100 64 chars, No route to host

Request 0 timed out

ping: sendto 147.65.14.100 64 chars, No route to host

Request 1 timed out

ping: sendto 147.65.14.100 64 chars, No route to host

Request 2 timed out

ping: sendto 147.65.14.100 64 chars, No route to host

^C

--- 147.65.14.100 ping statistics ---

4 packets transmitted, 0 packets received, 100.00% packet loss

Smale# ping 147.65.2.200

PING 147.65.2.200 (147.65.2.200): 56 data bytes

ping: sendto 147.65.2.200 64 chars, No route to host

Request 0 timed out

ping: sendto 147.65.2.200 64 chars, No route to host

Request 1 timed out

ping: sendto 147.65.2.200 64 chars, No route to host

^C

--- 147.65.2.200 ping statistics ---

3 packets transmitted, 0 packets received, 100.00% packet loss

Smale#

Rosa

Jerry Ye · ‎09-07-2011

Hi Rosa,

When you want to ping from the management interface, you have to use the vrf management keyword at the end of the command. Like this:

ping 147.65.2.200 vrf management

ping 147.65.14.200 vrf management

Regards,

jerry

Reza Sharifi · ‎09-07-2011

Jerry,

So in the Nexus OS, it is now ping IP then vrf name vs with the regular IOS it is ping vrf name then IP?

Reza

Jerry Ye · ‎09-07-2011

Hi Reza,

In NXOS, you put vrf vrf_name at the end of the command:

ping 1.1.1.1 vrf management

Regards,

jerry

Rosa Ladeira · ‎09-07-2011

Smale# ping 147.65.14.100 vrf default

PING 147.65.14.100 (147.65.14.100): 56 data bytes

ping: sendto 147.65.14.100 64 chars, No route to host

^C

--- 147.65.14.100 ping statistics ---

1 packets transmitted, 0 packets received, 100.00% packet loss

Smale# ping 147.65.2.200 vrf default

PING 147.65.2.200 (147.65.2.200): 56 data bytes

ping: sendto 147.65.2.200 64 chars, No route to host

^C

--- 147.65.2.200 ping statistics ---

1 packets transmitted, 0 packets received, 100.00% packet loss

Smale#

Jerry Ye · ‎09-07-2011

Is your 192.168.14.x network reachable from 147.65.14.x and 147.65.2.x?

Regards,

jerry

Rosa Ladeira · ‎09-07-2011

This way

rosa@Morgana:~$ ifconfig -a

eth3 Link encap:Ethernet HWaddr b8:ac:6f:3f:ce:6c

inet addr:147.65.14.6 Bcast:147.65.14.255 Mask:255.255.255.0

inet6 addr: fe80::baac:6fff:fe3f:ce6c/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:18900628 errors:0 dropped:2776 overruns:0 frame:0

TX packets:17497401 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:9819081830 (9.8 GB) TX bytes:2047585643 (2.0 GB)

Interrupt:16

eth3:1 Link encap:Ethernet HWaddr b8:ac:6f:3f:ce:6c

inet addr:192.168.14.6 Bcast:192.168.14.255 Mask:255.255.255.0

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

Interrupt:16

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: ::1/128 Scope:Host

UP LOOPBACK RUNNING MTU:16436 Metric:1

RX packets:24678 errors:0 dropped:0 overruns:0 frame:0

TX packets:24678 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:738242 (738.2 KB) TX bytes:738242 (738.2 KB)

rosa@Morgana:~$

Jerry Ye · ‎09-07-2011

You are using a Unix machine to route between these networks? Make sure you have routing enabled, if not, your N7K will not be able to ping via the management interfaces.

Regards,

jerry

Rosa Ladeira · ‎09-07-2011

Jery,

I am working on a test environment copied from de real network.

Sorry, there is something I misunderstood.

When I am inside NX7000 (via managemet interface) pinging a host inside NX2000 wich, I guess (now), is part of NX7000, I am not using linux to route between NX7000 e 6509 neither NX2000.

If I am inside NX7000 via console I supose I would not be able to ping. Is it true ?

Rosa

Jerry Ye · ‎09-07-2011

Okay, if you are inside the N7K via the management interface traffic will go to your host if you have SVI on the N7K. However, in your case, your N7K is L2 and SVI/L3 is handle by 6500. This way, you only possible L3 connectivity is via management. To make this to work, your Linux machine needs to route the traffic, otherwise, none of the traffic will reach your test machine on VLAN 2 and VLAN 14.

To your last questions, you will not able to ping and it is expected.

Regards,

jerry

Rosa Ladeira · ‎09-07-2011

Sorry again, but i am really confused about vrf concept. There at least 2 vrfs enviroments. Cli where answers ? default.

So, I figured out port eth 2/48 (trunk between NX7000 and 6509) should be a vrf default port. Is it a stupid question ?

Smale# sh vrf all

VRF-Name VRF-ID State Reason

default 1 Up --

management 2 Up --

Smale# where

netadm@Smale%default

Smale# sh vrf interface ethernet 2/48

Interface VRF-Name VRF-ID

Does NX2000 host reach 6509 routing through vrf default ?

Jerry Ye · ‎09-07-2011

VRF is a L3 virtualization technology. It allows you to have multiple routing instances.

In the N7K, you will have 2 VRF by default - default VRF and management VRF. To use the default VRF, you need to have SVI configured on the N7K. In your case, you don't. The traffic is going to VLAN trunk not VRF.

Regards,

jerry