I'm having some issues with a simple vxlan setup using static ingress replication.
The Anycast vPC pair's VTEP doesn't seem to be responsive at all. No encapsulated L2 traffic is being sent across the vxlan underlay if its being generated on the vPC pair side. I am able to see encapsulated L2 traffic being sent from the single 9K (10.51.8.50) towards to the pair. I see the packet coming in (an ARP request) but it doesn't appear to be decapsulated and forwarded to VLAN 500. When I generate L2 traffic on the vPC side it works fine locally but never appears to leave the VTEP.
I've dropped the MTU on the originating hosts to 1400 to get across my WAN link as its limited to 1500.
I have verified L3 connectivity:
ping 10.51.8.50 source-interface lo50
ping 10.243.13.50 source-interface lo50
I have verified the nve peer:
Interface Peer-IP State LearnType Uptime Router-Mac --------- -------------------------------------- ----- --------- -------- ----------------- nve1 10.51.8.50 Up DP 5d02h n/a
The vPC link appears good:
vPC domain id : 100
Peer status : peer adjacency formed ok
vPC keep-alive status : peer is alive
Configuration consistency status : success
Per-vlan consistency status : success
Type-2 consistency status : success
vPC role : primary
Number of vPCs configured : 50
Peer Gateway : Disabled
Dual-active excluded VLANs : 2
Graceful Consistency Check : Enabled
Auto-recovery status : Enabled, timer is off.(timeout = 240s)
Delay-restore status : Timer is off.(timeout = 30s)
Delay-restore SVI status : Timer is off.(timeout = 10s)
Operational Layer3 Peer-router : Disabled
Virtual-peerlink mode : Disabled
Config relating to vxlan:
1-SW1:
NXOS: version 9.3(1)
Cisco Nexus9000 C93180YC-FX Chassis
vlan 500
name VxLAN
vn-segment 5000
interface Vlan500
description vxlan-segment 5000 - 10.100.1.0/23
no shutdown
mtu 1500
ip address 10.100.1.250/23
interface nve1
no shutdown
source-interface loopback50
member vni 5000
ingress-replication protocol static
peer-ip 10.51.8.50
interface loopback50
description VxLAN - VN5000
ip address 10.241.13.51/32
ip address 10.241.13.50/32 secondary
1-SW2:
NXOS: version 9.3(1)
Cisco Nexus9000 C93180YC-FX Chassis
vlan 500
name VxLAN
vn-segment 5000
interface Vlan500
description vxlan-segment 5000 - 10.100.1.0/23
no shutdown
mtu 1500
ip address 10.100.1.251/23
interface nve1
no shutdown
source-interface loopback50
member vni 5000
ingress-replication protocol static
peer-ip 10.51.8.50
interface loopback50
description VxLAN - VN5000
ip address 10.241.13.52/32
ip address 10.241.13.50/32 secondary
2-SW1
NXOS: version 9.3(1)
Cisco Nexus9000 C93240YC-FX2 Chassis
vlan 500
name VxLAN
vn-segment 5000
interface Vlan500
description vxlan-segment 5000 - 10.100.1.0/23
no shutdown
mtu 1500
ip address 10.100.1.252/23
interface nve1
no shutdown
source-interface loopback50
member vni 5000
ingress-replication protocol static
peer-ip 10.241.13.50
interface loopback50
description VxLAN - VN5000
ip address 10.51.8.50/32
Any ideas why the vPC pairs VTEP seems to be dead?
No comments:
Post a Comment