Solved: Nexus 9k VXLAN EVPN - l3vni cannot ping any cast gateway

na26 · ‎02-22-2024

Hello,

I'm doing a lab with n9k (n9kv) and VXLAN EVPN fabric. Attached a simple layout. I configured a test l3vni but I'm unable to ping the configured anycast gateway from the vm attached to leaf1 or leaf3 vms can ping each other without problems.

leaf1:

configure profile MyNetwork_30000
  vlan 2300
    vn-segment 30000
  interface nve1
    member vni 30000
      mcast-group 239.1.1.1
  evpn
    vni 30000 l2
      rd auto
      route-target import auto
      route-target export auto
configure terminal
configure profile MyVRF_50000
  vlan 2000
    vn-segment 50000
  vrf context myvrf_50000
    vni 50000
    rd auto
    address-family ipv4 unicast
      route-target both auto
      route-target both auto evpn
    address-family ipv6 unicast
      route-target both auto
      route-target both auto evpn
  interface Vlan2000
    vrf member myvrf_50000
    ip forward
    ipv6 address use-link-local-only
    no ip redirects
    no ipv6 redirects
    mtu 9216
    no shutdown
  router bgp 65010
    vrf myvrf_50000
      address-family ipv4 unicast
        advertise l2vpn evpn
        redistribute direct route-map fabric-rmap-redist-subnet
        maximum-paths ibgp 2
      address-family ipv6 unicast
        advertise l2vpn evpn
        redistribute direct route-map fabric-rmap-redist-subnet
        maximum-paths ibgp 2
  interface nve1
    member vni 50000 associate-vrf
configure terminal
configure profile MyNetwork_30001
  vlan 2301
    vn-segment 30001
    name vsphere-mgmt-test
  interface Vlan2301
    vrf member myvrf_50000
    ip address 10.9.230.1/24 tag 12345
    mtu 9216
    fabric forwarding mode anycast-gateway
    no shutdown
  interface nve1
    member vni 30001
      mcast-group 239.1.1.1
  evpn
    vni 30001 l2
      rd auto
      route-target import auto
      route-target export auto

leaf3:

configure profile MyNetwork_30000
  vlan 2300
    vn-segment 30000
  interface nve1
    member vni 30000
      mcast-group 239.1.1.1
  evpn
    vni 30000 l2
      rd auto
      route-target import auto
      route-target export auto
configure terminal
configure profile MyVRF_50000
  vlan 2000
    vn-segment 50000
  vrf context myvrf_50000
    vni 50000
    rd auto
    address-family ipv4 unicast
      route-target both auto
      route-target both auto evpn
    address-family ipv6 unicast
      route-target both auto
      route-target both auto evpn
  interface Vlan2000
    vrf member myvrf_50000
    ip forward
    ipv6 address use-link-local-only
    no ip redirects
    no ipv6 redirects
    mtu 9216
    no shutdown
  router bgp 65010
    vrf myvrf_50000
      address-family ipv4 unicast
        advertise l2vpn evpn
        redistribute direct route-map fabric-rmap-redist-subnet
        maximum-paths ibgp 2
      address-family ipv6 unicast
        advertise l2vpn evpn
        redistribute direct route-map fabric-rmap-redist-subnet
        maximum-paths ibgp 2
  interface nve1
    member vni 50000 associate-vrf
configure terminal
configure profile MyNetwork_30001
  vlan 2301
    vn-segment 30001
    name vsphere-mgmt-test
  interface Vlan2301
    vrf member myvrf_50000
    ip address 10.9.230.1/24 tag 12345
    mtu 9216
    fabric forwarding mode anycast-gateway
    no shutdown
  interface nve1
    member vni 30001
      mcast-group 239.1.1.1
  evpn
    vni 30001 l2
      rd auto
      route-target import auto
      route-target export auto

Thanks for helping !

na26 · ‎02-22-2024

EDIT: I've problems even with l2vni. I suspect the problems are related to the fact that this is a nested lab.

View solution in original post

na26 · ‎02-22-2024

EDIT: I've problems even with l2vni. I suspect the problems are related to the fact that this is a nested lab.