OTV on ASR 1001

Toi Seng Chang · ‎04-10-2013

Hi All,

Is there anyone experienced deploy OTV using ASR 1001 between 2 datacenters? We want to acquire HSRP localization there, but at this moment I can only see lots docs are saying how to do this on N7K, not ASR. I saw it has a FHRP filtering enabled by default when the OTV configuration is done, and also see there is a access-list created by default call otv_filter_fhrp, Im just wondering besides this IP ACL there should be MAC ACL applied also, anyone have sample configuration on this? Many thanks.

Bilal Nawaz · ‎04-10-2013

Hello you are correct, there is a Layer 2 mac access list to be applied. I did this a while ago.

The otv filter-hsrp only blocks pdu's from traversing the overlay, but you still need to stop on the ethernet flow points (EFP's) for HSRP mac address being learned.

https://supportforums.cisco.com/thread/2173395

!HSRP L2ACL

mac access-list extended FILTER_HSRP

deny 0000.0c07.ac00 0000.0000.00ff any

permit any any

!

interface overlay 1

otv filter-fhrp

!

Service Instance 100

Ethernet encapsulation dot1q 100

mac access-group FILTER_HSRP out

bridge-domain 100

More info here for HSRP, GLBP and VRRP:

http://www.cisco.com/en/US/docs/ios-xml/ios/wan/command/wan-m1.html#wp3953249580

Hope this helps.

Please rate useful posts and remember to mark any solved questions as answered. Thank you.

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

Toi Seng Chang · ‎04-10-2013

Hi Bilal,

Thanks for your prompt. It helps me a lot.

Besides, we now have problems with OTV AED not capable, I have checked that the site bridge-domain is permitted on the internal interface of ASR, and I have put Join interface & internal interface & overlay interface into a vrf besides the default router, and the routing (otv extended vlan gateway & core uplink interface) into default router, but the OTV adjacency disappeared then. Here is the output, any comments?

SPRTORT01#show otv site

Site Adjacency Information (Site Bridge-Domain: 3010)

Overlay1 Site-Local Adjacencies (Count: 1)

Hostname System ID Last Change Ordinal AED Enabled Status

* SPRTORT01 B0FA.EB8E.7C80 - Not AED capable

SPRTORT01#show otv detail

Overlay Interface Overlay1

VPN name : SAFP_OTV_1

VPN ID : 1

State : UP

AED Capable : No, overlay DIS not elected

IPv4 control group : 239.1.1.1

Mcast data group range(s): 232.1.1.0/28

Join interface(s) : GigabitEthernet0/0/0

Join IPv4 address : 172.30.0.101

Tunnel interface(s) : Tunnel0

Encapsulation format : GRE/IPv4

Site Bridge-Domain : 3010

Capability : Multicast-reachable

Is Adjacency Server : No

Adj Server Configured : No

Prim/Sec Adj Svr(s) : None

OTV instance(s) : 0

FHRP Filtering Enabled : Yes

ARP Suppression Enabled : No

ARP Cache Timeout : 600 seconds

Bilal Nawaz · ‎04-10-2013

Hello, Just to check over config, are you able to post it here?

Also please check that your OTV vlan that is used for election etc... Is not on your overlay interface, should only be on your inside interface.

Hope this helps

Sent from Cisco Technical Support iPhone App

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

jkilleda · ‎03-15-2018

Hello Toi Seng,

OTV on ASR 1001

You can refer to the example given in the link provided.
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/wan_otv/configuration/xe-3s/wan-otv-xe-3s-book/wan-otv-adj-server.pdf