Saturday, March 16, 2019

HSRP Isolation between VPC Pairs

I'm tearing (what's left of) my hair out over trying to use this recommendation for HSRP Isolation of Dual L2/L3 Pod - https://www.cisco.com/c/en/us/support/docs/switches/nexus-7000-series-switches/118934-configure-nx7k-00.html#anc7

I'm labbing it on eve-ng using the Nexus 9000v and will be looking to roll that onto Nexus 92160.

NB: while that doco is for N7, it has a caveat saying that it'll work for N9 too.

VPC pairs are up and running. The PACL is configured and applied to the VPC DCI, but it just isn't blocking the HSRP hellos. Mucked around with TCAM carving just in case.

I saw a recommendation for just changing the HSRP authentication password on the VPC pairs and disabling gratuitous arp hsrp duplicate. This appears to work but I can't let it go that I've failed on the PACL front.

The Cisco feature navigator seems to imply that the 9000v (and the 92160s) don't actually support PACLs.

Can anyone either put me out of my misery or further into it by confirming/denying that the PACL option is not going to work?


