11-06-2014 10:34 AM - edited 03-07-2019 09:24 PM
Hello,
I am trying to setup OTV between to sites I have attached the diagram. Router23 and Router26 are the OTV edge devices and Arista25 and Arista26 are the hosts both are in Vlan100 155.1.35.0/24 at both sites. I am trying to get Arista25 to reach Arista26 but I am unable too. I have the OTV adjacency up. However, when I try to initiate a ping from Arista25 to Arista26 I get no response. Below are the configs for Router23 and Router26.
Router23 Config:
ip multicast-routing distributed
!
!
!
!
!
!
!
!
!
!
!
otv site bridge-domain 1
!
otv site-identifier 0000.0000.0001
multilink bundle-name authenticated
!
!
!
!
!
!
!
spanning-tree extend system-id
!
!
redundancy
mode none
!
!
!
!
!
!
ip tftp source-interface GigabitEthernet0
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Overlay1
no ip address
otv control-group 239.1.1.1
otv data-group 232.0.0.1/32
otv join-interface GigabitEthernet1
service instance 100 ethernet
encapsulation dot1q 100
bridge-domain 100
!
!
interface GigabitEthernet1
mtu 9216
ip address 100.100.100.1 255.255.255.0
ip pim passive
ip igmp version 3
negotiation auto
!
interface GigabitEthernet2
no ip address
negotiation auto
service instance 1 ethernet
encapsulation untagged
bridge-domain 1
!
service instance 100 ethernet
encapsulation dot1q 100
bridge-domain 100
!
!
Router23#
Router26 Config:
ip multicast-routing distributed
!
!
!
!
!
!
!
!
!
!
!
otv site bridge-domain 1
!
otv site-identifier 0000.0000.0002
multilink bundle-name authenticated
!
!
!
!
!
!
!
spanning-tree extend system-id
!
!
redundancy
mode none
!
!
!
!
!
!
ip tftp source-interface GigabitEthernet0
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Overlay1
no ip address
otv control-group 239.1.1.1
otv data-group 232.0.0.1/32
otv join-interface GigabitEthernet1
service instance 100 ethernet
encapsulation dot1q 100
bridge-domain 100
!
!
interface GigabitEthernet1
mtu 9216
ip address 100.100.100.2 255.255.255.0
ip pim passive
ip igmp version 3
negotiation auto
!
interface GigabitEthernet2
no ip address
negotiation auto
service instance 1 ethernet
encapsulation untagged
bridge-domain 1
!
service instance 100 ethernet
encapsulation dot1q 100
bridge-domain 100
!
!
interface GigabitEthernet0
vrf forwarding Mgmt-intf
no ip address
shutdown
negotiation auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
ip pim ssm default
!
Router26#
11-07-2014 05:55 AM
Can you provide the output of:
sh otv
sh otv vlan
sh otv route vlan 100
Also just to confirm, did you verify with a ping that the connection between the ASRs supports larger MTUs?
ping x.x.x.x size 1542 df-bit
11-07-2014 08:44 AM
Below is what you requested. Regarding the MTU it is supporting the larger packets. I put the ping test below.
Router23:
Router23#sh otv
Overlay Interface Overlay1
VPN name : None
VPN ID : 1
State : UP
AED Capable : Yes
IPv4 control group : 239.1.1.1
Mcast data group range(s): 232.0.0.1/32
Join interface(s) : GigabitEthernet1
Join IPv4 address : 100.100.100.1
Tunnel interface(s) : Tunnel0
Encapsulation format : GRE/IPv4
Site Bridge-Domain : 1
Capability : Multicast-reachable
Is Adjacency Server : No
Adj Server Configured : No
Prim/Sec Adj Svr(s) : None
Router23#sh otv vlan
Key: SI - Service Instance
Overlay 1 VLAN Configuration Information
Inst VLAN Bridge-Domain Auth Site Interface(s)
0 100 100 yes Gi2:SI100
Total VLAN(s): 1
Total Authoritative VLAN(s): 1
Router23#sh otv route vlan 100
Codes: BD - Bridge-Domain, AD - Admin-Distance,
SI - Service Instance, * - Backup Route
OTV Unicast MAC Routing Table for Overlay1
Inst VLAN BD MAC Address AD Owner Next Hops(s)
----------------------------------------------------------
0 unicast routes displayed in Overlay1
----------------------------------------------------------
0 Total Unicast Routes Displayed
Router23#
Router23#ping 100.100.100.2 size 1542 df-bit
Type escape sequence to abort.
Sending 5, 1542-byte ICMP Echos to 100.100.100.2, timeout is 2 seconds:
Packet sent with the DF bit set
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 22/65/115 ms
Router23#
-----------------------------
Router26#sh otv
Overlay Interface Overlay1
VPN name : None
VPN ID : 1
State : UP
AED Capable : Yes
IPv4 control group : 239.1.1.1
Mcast data group range(s): 232.0.0.1/32
Join interface(s) : GigabitEthernet1
Join IPv4 address : 100.100.100.2
Tunnel interface(s) : Tunnel0
Encapsulation format : GRE/IPv4
Site Bridge-Domain : 1
Capability : Multicast-reachable
Is Adjacency Server : No
Adj Server Configured : No
Prim/Sec Adj Svr(s) : None
Router26#sh otv vlan
Key: SI - Service Instance
Overlay 1 VLAN Configuration Information
Inst VLAN Bridge-Domain Auth Site Interface(s)
0 100 100 yes Gi2:SI100
Total VLAN(s): 1
Total Authoritative VLAN(s): 1
Router26#sh otv route vlan 100
Codes: BD - Bridge-Domain, AD - Admin-Distance,
SI - Service Instance, * - Backup Route
OTV Unicast MAC Routing Table for Overlay1
Inst VLAN BD MAC Address AD Owner Next Hops(s)
----------------------------------------------------------
0 unicast routes displayed in Overlay1
----------------------------------------------------------
0 Total Unicast Routes Displayed
Router26#ping 100.100.100.1 size 1542 df-bit
Type escape sequence to abort.
Sending 5, 1542-byte ICMP Echos to 100.100.100.1, timeout is 2 seconds:
Packet sent with the DF bit set
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/3 ms
Router26#
11-07-2014 12:00 PM
Thanks, can you dump the mac address tables on the ASRs to see if they're learning the macs from your switch?
11-07-2014 02:17 PM
That's the issue I am not learning the mac address on bridge-domain 100. I am only seeing mac address on bridge-domain 1 which is the site vlan. Below is what I see on both routers and both bridge-domain 1 and bridge-domain 100. Thank you
Router23:
Router23#sh bridge-domain 1
Bridge-domain 1 (1 ports in all)
State: UP Mac learning: Enabled
Aging-Timer: 300 second(s)
GigabitEthernet2 service instance 1
MAC address Policy Tag Age Pseudoport
000C.29C8.C070 forward dynamic 240 GigabitEthernet2.EFP1
Router23#sh bridge-domain 100
Bridge-domain 100 (2 ports in all)
State: UP Mac learning: Enabled
Aging-Timer: 1800 second(s)
GigabitEthernet2 service instance 100
Overlay1 service instance 100
MAC address Policy Tag Age Pseudoport
FFFF.FFFF.FFFF flood static 0 OLIST_PTR:0xe946a800
Router26:
Router26#sh bridge-domain 1
Bridge-domain 1 (1 ports in all)
State: UP Mac learning: Enabled
Aging-Timer: 300 second(s)
GigabitEthernet2 service instance 1
MAC address Policy Tag Age Pseudoport
000C.291F.14AB forward dynamic 83 GigabitEthernet2.EFP1
Router26#sh bridge-domain 100
Bridge-domain 100 (2 ports in all)
State: UP Mac learning: Enabled
Aging-Timer: 1800 second(s)
GigabitEthernet2 service instance 100
Overlay1 service instance 100
MAC address Policy Tag Age Pseudoport
FFFF.FFFF.FFFF flood static 0 OLIST_PTR:0xe9cde830
Router26#
11-07-2014 04:33 PM
Can you confirm it is spanning-tree forwarding on the connected switch (sh spann vlan 100)?
11-07-2014 05:38 PM
Yes spanning-tree is forwarding for vlan 100. Please see below:
Arista26:
Arista26#sh span vlan 100
Spanning tree instance for vlan 100
MST0
Spanning tree enabled protocol mstp
Root ID Priority 32768
Address 000c.291f.14ab
This bridge is the root
Bridge ID Priority 32768 (priority 32768 sys-id-ext 0)
Address 000c.291f.14ab
Hello Time 2.000 sec Max Age 20 sec Forward Delay 15 sec
Interface Role State Cost Prio.Nbr Type
---------------- ---------- ---------- --------- -------- --------------------
Et2 designated forwarding 2000 128.2 P2p
Arista26#
Arista25:
Arista25#sh span vlan 100
Spanning tree instance for vlan 100
MST0
Spanning tree enabled protocol mstp
Root ID Priority 32768
Address 000c.29c8.c070
This bridge is the root
Bridge ID Priority 32768 (priority 32768 sys-id-ext 0)
Address 000c.29c8.c070
Hello Time 2.000 sec Max Age 20 sec Forward Delay 15 sec
Interface Role State Cost Prio.Nbr Type
---------------- ---------- ---------- --------- -------- --------------------
Et2 designated forwarding 2000 128.2 P2p
Arista25#
11-07-2014 06:23 PM
I'm not sure man. It doesn't appear to be an OTV issue since we're not even learning the mac address from the host. I've only seen this in two situations:
A missconfiguration of the LAN port on either the otv switch or the downstream switch.
Or a "silent host" that relies on unknown unicast flooding. Microsoft NLB in unicast mode works that way. In that case a static mac entry is required on the otv Edge device.
Good luck. When I get a chance I'll lab it up to verify the config, but it looks ok.
11-07-2014 09:40 PM
Alright thanks a lot for trying. Please let me know your findings if you ever get a chance to lab this up. Thank you
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide