Solved: Re: Two end points can ping each other in different subnet

interfacedy · ‎01-03-2023

Hi Please see the below diagram. CORE is a spine. VTEP01 and VTEP02 are considered as leaf VTEP. and are configured as below. Both PC01 and PC02 can ping each other. As we can see the two PC have the same subnet. My question is if PC01 and PC02 has different subnet, how can we make the two PC ping each other? thanks

VTEP01:

ip multicast-routing distributed
bridge-domain 1
member vni 5012
member GigabitEthernet2 service-instance 1

interface Loopback0
ip address 1.1.1.1 255.255.255.0
ip pim sparse-mode
!
interface GigabitEthernet2
no ip address
ip pim sparse-mode
service instance 1 ethernet
encapsulation untagged

interface GigabitEthernet3
ip address 192.168.13.1 255.255.255.0
ip pim sparse-mode

interface nve1
no ip address
source-interface Loopback0
member vni 5012 mcast-group 239.1.1.1
!
router ospf 1
network 1.1.1.1 0.0.0.0 area 0
network 192.168.13.0 0.0.0.255 area 0
!
ip pim bidir-enable
ip pim rp-address 3.3.3.3 bidir

VTEP02:

VTEP02
ip multicast-routing distributed
bridge-domain 1
member vni 5012
member GigabitEthernet2 service-instance 1

interface Loopback0
ip address 2.2.2.2 255.255.255.255
ip pim sparse-mode
!
interface GigabitEthernet2
no ip address
ip pim sparse-mode
service instance 1 ethernet
encapsulation untagged

interface GigabitEthernet3
ip address 192.168.23.2 255.255.255.0
ip pim sparse-mode

interface nve1
no ip address
source-interface Loopback0
member vni 5012 mcast-group 239.1.1.1

router ospf 1
network 2.2.2.2 0.0.0.0 area 0
network 192.168.23.0 0.0.0.255 area 0
!
ip pim bidir-enable
ip pim rp-address 3.3.3.3 bidir

Harold Ritter · ‎01-04-2023

Hi @interfacedy ,

You would need to configure a default gateway on each PC and configure a BDI on one of the VTEPs to route between the two subnets. It would look something like this:

vrf definition test
!
address-family ipv4
exit-address-family
!

interface BDI1
vrf forwarding test
ip address 192.168.21.254 255.255.255.0 secondary # Default gateway for PC2 (assuming it is in subnet 192.168.21.0/24)
ip address 192.168.12.254 255.255.255.0. # Default gateway for PC1

NB: it is recommended to put the BDI in a VRF so that subnets used by PC1 and PC2 don't interfere with the core IP addressing.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

View solution in original post

Iaroslav · ‎01-06-2023

Not really, ACI forwarding is much more complex. If you've got some spare time, look through this section of the white paper. In short: ACI uses conversational forwarding (~ caches VTEP information) on leafs and centralized endpoint database (COOP) on spines for ACI-attached endpoints. External prefixes are exchanged in EVPN-like way.

From a very high-level perspective, yes, there are BDI's involved in routing between subnets. However, it's very different from common routing in almost every aspect.

Discovering the Why
https://braonle.wordpress.com/

View solution in original post

Harold Ritter · ‎01-04-2023

Hi @interfacedy ,

You would need to configure a default gateway on each PC and configure a BDI on one of the VTEPs to route between the two subnets. It would look something like this:

vrf definition test
!
address-family ipv4
exit-address-family
!

interface BDI1
vrf forwarding test
ip address 192.168.21.254 255.255.255.0 secondary # Default gateway for PC2 (assuming it is in subnet 192.168.21.0/24)
ip address 192.168.12.254 255.255.255.0. # Default gateway for PC1

NB: it is recommended to put the BDI in a VRF so that subnets used by PC1 and PC2 don't interfere with the core IP addressing.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

MHM Cisco World · ‎01-06-2023

@Harold Ritter bridge two subnet ? I dont this work.
@interfacedy I will send to you some note about using GW in VXLAN.

Harold Ritter · ‎01-06-2023

Hi @MHM Cisco World ,

The original poster is asking about two PC in different subnets. Also the configuration he mentioned, the two PCs are already part of the same L2 domain. But since they are on different subnets, they need use a gateway to talk to each other.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

interfacedy · ‎01-05-2023

@Harold Ritter Great! Thank you very much! it can work

Can we say each end points in ACI communicate with each other through this way above?

Iaroslav · ‎01-06-2023

Not really, ACI forwarding is much more complex. If you've got some spare time, look through this section of the white paper. In short: ACI uses conversational forwarding (~ caches VTEP information) on leafs and centralized endpoint database (COOP) on spines for ACI-attached endpoints. External prefixes are exchanged in EVPN-like way.

From a very high-level perspective, yes, there are BDI's involved in routing between subnets. However, it's very different from common routing in almost every aspect.

Discovering the Why
https://braonle.wordpress.com/

interfacedy · ‎01-07-2023

@Iaroslav Thanks. Its very good link!

MHM Cisco World · ‎01-06-2023

Need l3vni.