Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
934
Views
0
Helpful
2
Replies

Cisco ACI l3out with overlap IP

RasulAliyev6829
Level 1
Level 1

‎07-21-2020 11:17 AM

Hello dears,

 

 

I have 2 independent Cisco ACI fabric connect each other wit L3out as shown in topology. Please see attached file.

As you can see I have 1 Endpoint node on each site. They are clustered between each other and have VIP address. Only active node can advertise VIP address. The problem is Cisco ACI site 1have a fault with overlap ip address 3.3.3.3. This because 3.3.3.3/32 ip address was configured on L3 out to ASR9k as import and also on site 1 Endpoint l3 out also as import. Due to this fault ACI can forward VIP address from one last configured l3 out as a source. When we are playing with Active/Standby clustering the ACI site 1 Drop packets because 3.3.3.3/32 not coming from expected L3out. 

 

Did anyone have some kind of scenario ? IF yes  how can I resolve it?  Old cli can do that without any isse, but ACi no )) The version of the ACI are 4.2(3l)

 

 

Labels:
Preview file
79 KB
0 Helpful
2 Replies 2

joezersk
Cisco Employee
Cisco Employee

‎07-23-2020 02:11 AM

Your scenario is exactly why we developed Multi-site on ACI.  Without getting into all the ugly issues you will face in your example topology, please trust me when I say that your life will become so much easier by moving to Multi-site.  I am not a salesperson.  I don't get paid if you buy or don't buy.  But 1000% percent, your solution lies with Multi-site.  I would suggest you read up on it a bit and start to see how it solves your issue (and many others you have not faced yet).  I would recommend you read the Multi-site whitepaper because it gives you the technical details on how it all works.  

https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-739609.html

and the Multi-site service node paper might also be useful:

https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-743107.html

Hope it helps!

0 Helpful

peterzhang
Level 1
Level 1

‎07-23-2020 08:55 AM

The reason that ACI won't allow you to have duplicated prefixes (except for 0/0) is because you typically would only expect a specific prefix to be advertised to ACI from one location within the same VRF

 

If you need to have back up routes, you can do so by using summary routes or manipulate LPM a bit with different masks.

 

I am not sure why you would need 3.3.3.3 from the customer L3Out, is the customer sending the same 3.3.3.3 routes to you ? 

 

If you only need to advertise routes to the customer, you can transit route 3.3.3.3 and advertise it out of the customer VRF

 

Thanks

 

 

0 Helpful
Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License