Wednesday, March 10, 2021

ACI multipod and separate L3Out per pod

In my ACI multipod environment, we have L3Outs for each VRF replicated for each pod. Recently I noticed that external traffic which I expected to ingress in one data center would instead traverse the L3 WAN and ingress in another data center. I didn't really pay much attention to this until I was configuring more L3Outs for a new VRF.

I configured it on one pod (POD2 - the same DC that ingress had bypassed previously) and noticed that my EPG/BD prefixes weren't being properly advertised to the external WAN. I could see them being advertised across the L3 interface, but on my MPLS node and throughout the wide WAN the prefix was nowhere to be found in the routing table. Now, the host using the EPG exists only in POD1. When checking the VRF routing table for leaf switches in POD1, I can see the prefix. In POD2, the prefix does not appear in the routing table. Is this by design? Is this a misconfiguration on my part? Is there something I can do to allow this EPG that is technically only hosted in POD1 to be accessible via ingress into POD2?


