cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1849
Views
0
Helpful
8
Replies

Trying to setup OTV on ASR1000 between two sites.

V120311
Level 1
Level 1

Hello,

   I am trying to setup OTV between to sites I have attached the diagram. Router23 and Router26 are the OTV edge devices and Arista25 and Arista26 are the hosts both are in Vlan100 155.1.35.0/24 at both sites. I am trying to get Arista25 to reach Arista26 but I am unable too. I have the OTV adjacency up. However, when I try to initiate a ping from Arista25 to Arista26 I get no response. Below are the configs for Router23 and Router26.

 


Router23 Config:

ip multicast-routing distributed
!
!
!
!
!
!
!
!
!
!
!
otv site bridge-domain 1
!
otv site-identifier 0000.0000.0001
multilink bundle-name authenticated
!
!
!
!
!
!
!
spanning-tree extend system-id
!
!
redundancy
 mode none
!
!
!
!
!
!
ip tftp source-interface GigabitEthernet0
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Overlay1
 no ip address
 otv control-group 239.1.1.1
 otv data-group 232.0.0.1/32
 otv join-interface GigabitEthernet1
 service instance 100 ethernet
  encapsulation dot1q 100
  bridge-domain 100
 !
!
interface GigabitEthernet1
 mtu 9216
 ip address 100.100.100.1 255.255.255.0
 ip pim passive
 ip igmp version 3
 negotiation auto
!
interface GigabitEthernet2
 no ip address
 negotiation auto
 service instance 1 ethernet
  encapsulation untagged
  bridge-domain 1
 !
 service instance 100 ethernet
  encapsulation dot1q 100
  bridge-domain 100
 !
!
Router23#


Router26 Config:

ip multicast-routing distributed
!
!
!
!
!
!
!
!
!
!
!
otv site bridge-domain 1
!
otv site-identifier 0000.0000.0002
multilink bundle-name authenticated
!
!
!
!
!
!
!
spanning-tree extend system-id
!
!
redundancy
 mode none
!
!
!
!
!
!
ip tftp source-interface GigabitEthernet0
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Overlay1
 no ip address
 otv control-group 239.1.1.1
 otv data-group 232.0.0.1/32
 otv join-interface GigabitEthernet1
 service instance 100 ethernet
  encapsulation dot1q 100
  bridge-domain 100
 !
!
interface GigabitEthernet1
 mtu 9216
 ip address 100.100.100.2 255.255.255.0
 ip pim passive
 ip igmp version 3
 negotiation auto
!
interface GigabitEthernet2
 no ip address
 negotiation auto
 service instance 1 ethernet
  encapsulation untagged
  bridge-domain 1
 !
 service instance 100 ethernet
  encapsulation dot1q 100
  bridge-domain 100
 !
!
interface GigabitEthernet0
 vrf forwarding Mgmt-intf
 no ip address
 shutdown
 negotiation auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
ip pim ssm default
!
Router26#

8 Replies 8

AJ Cruz
Level 3
Level 3

Can you provide the output of:

sh otv

sh otv vlan

sh otv route vlan 100

 

Also just to confirm, did you verify with a ping that the connection between the ASRs supports larger MTUs?

ping x.x.x.x size 1542 df-bit

Below is what you requested. Regarding the MTU it is supporting the larger packets. I put the ping test below.

 

Router23:

Router23#sh otv
Overlay Interface Overlay1
 VPN name                 : None
 VPN ID                   : 1
 State                    : UP
 AED Capable              : Yes
 IPv4 control group       : 239.1.1.1
 Mcast data group range(s): 232.0.0.1/32
 Join interface(s)        : GigabitEthernet1
 Join IPv4 address        : 100.100.100.1
 Tunnel interface(s)      : Tunnel0
 Encapsulation format     : GRE/IPv4
 Site Bridge-Domain       : 1
 Capability               : Multicast-reachable
 Is Adjacency Server      : No
 Adj Server Configured    : No
 Prim/Sec Adj Svr(s)      : None

Router23#sh otv vlan
Key:  SI - Service Instance

Overlay 1 VLAN Configuration Information
 Inst VLAN  Bridge-Domain  Auth  Site Interface(s)
 0    100   100            yes   Gi2:SI100
 Total VLAN(s): 1
 Total Authoritative VLAN(s): 1

Router23#sh otv route vlan 100

Codes: BD - Bridge-Domain, AD - Admin-Distance,
       SI - Service Instance, * - Backup Route

OTV Unicast MAC Routing Table for Overlay1

 Inst VLAN BD     MAC Address    AD    Owner  Next Hops(s)
----------------------------------------------------------

0 unicast routes displayed in Overlay1

----------------------------------------------------------
0 Total Unicast Routes Displayed

Router23#

 

Router23#ping 100.100.100.2 size 1542 df-bit
Type escape sequence to abort.
Sending 5, 1542-byte ICMP Echos to 100.100.100.2, timeout is 2 seconds:
Packet sent with the DF bit set
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 22/65/115 ms
Router23#

-----------------------------

Router26#sh otv
Overlay Interface Overlay1
 VPN name                 : None
 VPN ID                   : 1
 State                    : UP
 AED Capable              : Yes
 IPv4 control group       : 239.1.1.1
 Mcast data group range(s): 232.0.0.1/32
 Join interface(s)        : GigabitEthernet1
 Join IPv4 address        : 100.100.100.2
 Tunnel interface(s)      : Tunnel0
 Encapsulation format     : GRE/IPv4
 Site Bridge-Domain       : 1
 Capability               : Multicast-reachable
 Is Adjacency Server      : No
 Adj Server Configured    : No
 Prim/Sec Adj Svr(s)      : None

Router26#sh otv vlan
Key:  SI - Service Instance

Overlay 1 VLAN Configuration Information
 Inst VLAN  Bridge-Domain  Auth  Site Interface(s)
 0    100   100            yes   Gi2:SI100
 Total VLAN(s): 1
 Total Authoritative VLAN(s): 1

Router26#sh otv route vlan 100

Codes: BD - Bridge-Domain, AD - Admin-Distance,
       SI - Service Instance, * - Backup Route

OTV Unicast MAC Routing Table for Overlay1

 Inst VLAN BD     MAC Address    AD    Owner  Next Hops(s)
----------------------------------------------------------

0 unicast routes displayed in Overlay1

----------------------------------------------------------
0 Total Unicast Routes Displayed

Router26#ping 100.100.100.1 size 1542 df-bit
Type escape sequence to abort.
Sending 5, 1542-byte ICMP Echos to 100.100.100.1, timeout is 2 seconds:
Packet sent with the DF bit set
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/3 ms
Router26#

 

 

 

 

Thanks, can you dump the mac address tables on the ASRs to see if they're learning the macs from your switch?

That's the issue I am not learning the mac address on bridge-domain 100. I am only seeing mac address on bridge-domain 1 which is the site vlan. Below is what I see on both routers and both bridge-domain 1 and bridge-domain 100. Thank you

 

Router23:

 

Router23#sh bridge-domain 1
Bridge-domain 1 (1 ports in all)
State: UP                    Mac learning: Enabled
Aging-Timer: 300 second(s)
    GigabitEthernet2 service instance 1
   MAC address    Policy  Tag       Age  Pseudoport
   000C.29C8.C070 forward dynamic   240  GigabitEthernet2.EFP1

Router23#sh bridge-domain 100
Bridge-domain 100 (2 ports in all)
State: UP                    Mac learning: Enabled
Aging-Timer: 1800 second(s)
    GigabitEthernet2 service instance 100
    Overlay1 service instance 100
   MAC address    Policy  Tag       Age  Pseudoport
   FFFF.FFFF.FFFF flood   static    0    OLIST_PTR:0xe946a800

 

Router26:

Router26#sh bridge-domain 1
Bridge-domain 1 (1 ports in all)
State: UP                    Mac learning: Enabled
Aging-Timer: 300 second(s)
    GigabitEthernet2 service instance 1
   MAC address    Policy  Tag       Age  Pseudoport
   000C.291F.14AB forward dynamic   83   GigabitEthernet2.EFP1

Router26#sh bridge-domain 100
Bridge-domain 100 (2 ports in all)
State: UP                    Mac learning: Enabled
Aging-Timer: 1800 second(s)
    GigabitEthernet2 service instance 100
    Overlay1 service instance 100
   MAC address    Policy  Tag       Age  Pseudoport
   FFFF.FFFF.FFFF flood   static    0    OLIST_PTR:0xe9cde830

Router26#

 

Can you confirm it is spanning-tree forwarding on the connected switch (sh spann vlan 100)?

Yes spanning-tree is forwarding for vlan 100. Please see below:

Arista26:

Arista26#sh span vlan 100
Spanning tree instance for vlan 100
MST0
  Spanning tree enabled protocol mstp
  Root ID    Priority    32768
             Address     000c.291f.14ab
             This bridge is the root

  Bridge ID  Priority    32768  (priority 32768 sys-id-ext 0)
             Address     000c.291f.14ab
             Hello Time  2.000 sec  Max Age 20 sec  Forward Delay 15 sec

Interface        Role       State      Cost      Prio.Nbr Type
---------------- ---------- ---------- --------- -------- --------------------
Et2              designated forwarding 2000      128.2    P2p

Arista26#

 

Arista25:

Arista25#sh span vlan 100
Spanning tree instance for vlan 100
MST0
  Spanning tree enabled protocol mstp
  Root ID    Priority    32768
             Address     000c.29c8.c070
             This bridge is the root

  Bridge ID  Priority    32768  (priority 32768 sys-id-ext 0)
             Address     000c.29c8.c070
             Hello Time  2.000 sec  Max Age 20 sec  Forward Delay 15 sec

Interface        Role       State      Cost      Prio.Nbr Type
---------------- ---------- ---------- --------- -------- --------------------
Et2              designated forwarding 2000      128.2    P2p

Arista25#

 

 

I'm not sure man. It doesn't appear to be an OTV issue since we're not even learning the mac address from the host. I've only seen this in two situations:

A missconfiguration of the LAN port on either the otv switch or the downstream switch.

Or a "silent host" that relies on unknown unicast flooding. Microsoft NLB in unicast mode works that way. In that case a static mac entry is required on the otv Edge device.

Good luck. When I get a chance I'll lab it up to verify the config, but it looks ok.

Alright thanks a lot for trying. Please let me know your findings if you ever get a chance to lab this up. Thank you

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco