Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi guys.I have several ACLs configured on my N9K. I see a lot of 'fragmented' entries like these: [0x0472:0x0474:0x0474] permit tcp 0.0.0.0/0 x.x.x.x/26 fragment routeable 0x1 [0]It always comes together with 'normal' entries like these:[0x0473:0x047...
I have two switches connected with two trunk links.
On the first switch spanning tree is switched off.
On the second switch, MST is turned on.
Ports configuration is as follows:
interface Ethernet0/2 switchport trunk allowed vlan 2-4 switchport trun...
Also didn't you mean to run OSPF inside vrf VXLAN-900329? In your current config OSPF is in GRT and you're trying to import routes from GRT to VRF and vice versa. The right way to do this seems to just run OSPF in VRF on Nexus' side.
Hi, Polina.Aren't you running into classic routing-over-vpc problem in here? L3 routing over vPC PortChannel is not a supported design: I'm not 100% sure about your case since you end host is connected - as I see - as orphan, not as another vPC PC m...
Got an answer from Cisco TAC.TLDR: this 'fragment' entries are for fragmented packets, which only have IP headers and don't have TCP/UDP headers. Found out it's documented here: https://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulat...
I guess the main reason is that TCP session between two LDP neighbors does not necessarily need to be established on the same link that Hello messages are send on.
Refer to the topology on the picture I attached. Let's say we are establishing LDP bet...
Thank you, but it didn't help. How exactly should it help? I mean, MST sends its messages untagged, and, if I understand right, your configuration restricts any untagged traffic at all.
