Symptom/Cause | Solution |
|---|---|
“map access port” for a physical port is not successful | Ensure that the access port that you are trying to map to a vxlan vnid is part of a bridge. |
“map access port-vlan” for an interface is not successful | Ensure that the access port that you are trying to map to a vxlan vnid is part of a bridge. Ensure that the vlan which you are trying to map is configured on the access port. |
“map network tunnel” is not successful for unicast tunnel | Verify that the physical interface used for tunnel is up and running. Ensure that the ip route is present on VTEP. |
Can we have tunnel source ip as loopback interface ip? | Yes, you can use loopback IP as tunnel source IP. |
Known unicast traffic not flowing from one end to another end after configuring static entries | Ensure that all the interfaces are up and running. Ensure that source mac address is learnt on source VTEP on each VTEP using "show bridge". Ensure that you can ping tunnel destination IP, ie. you have a route to reach the destination VTEP. Ensure that the mac address configured in static entry is that of correct destination host. |
BUM traffic is not flowing | Ensure that multicast tunnel is configured on the VTEPs. Unicast tunnel does not support BUM traffic, only known unicast traffic. |
Having different VLAN's on each access side isnt working. | For input VTEP, traffic is allowed based on the vlan configured on the access port but on destination VTEP after decapsulation, vlan check is not happening. |
Multicast tunnel installation is unsuccessful. | Verify that the physical interface used for tunnel is up and running. Ensure that “tunnel add interface <if-name>” is configured in the multicast tunnel. |
Multicast traffic not flowing from one end to another end after configuring VTEPs successfully. | Ensure that all the interfaces are up and running. Ensure that the intermediate routers are supporting multicast. Ensure that the VTEPs have joined the multicast group correctly, ie the tunnel destination ip(multicast ip) is correct on the participating VTEPs. Ensure that source mac address is learnt on source VTEP on each VTEP using "show bridge". |
Symptom/Cause | Solution |
|---|---|
vxlan host-reachability-protocol evpn-bgp vrfblue is not successful | Make sure that the vrf which you are trying to map is configured. |
Can we have vtep-ip-global as loopback ip | Yes.This ip is the source ip of the tunnel. |
sh bgp l2vpn evpn does not show the multicast entries | Make sure that your route is reachable using any static/dynamic (isis/ospf...) protocol. Also make sure that bgp neighborship is established. |
Ping is not working for a particular vnid | Ensure that all the interfaces are up and running Ensure that source mac address is learnt on source VTEP on each VTEP using show bridge. Ensure that you can ping tunnel destination IP, ie. you have a route to reach the destination VTEP. Ensure that bgp neighborship is established, have proper router-id's configured Ensure that you have imported/exported the route correctly using route-target.Ensure unique RD in all VRFs Also ensure that on all the VTEPs, access port is mapped to respective/relevant VNID |
Symptom/Cause | Solution |
|---|---|
"l3vnid <value>" is not successful | Ensure that the VXLAN IRB is enabled. (config)# nvo vxlan irb |
"evpn <irb_interface>" is not successful | • Ensure that the IRB interface which you are trying to map is configured. Use the below command to configure. (config)# interface irb 1 (config-if)# ip vrf vrf1 • Ensure that ip vrf forwarding <vrf-name> (VRF should have L3VNID) is configured in the IRB interface which you are trying to map to the L2VNID. Use the below command to configure. (config)# ip vrf vrf1 (config-vrf)# l3vni 12001 |
IRB interface is DOWN | • Ensure that IRB interface is not administratively shut down. • Ensure that IRB interface is mapped to the L2 VNID. Use the show command to verify the IRB - L2 VNI mapping "show nvo vxlan l3vni-mp" If not use the below command to configure. (config)#nvo vxlan id 10 ingress-replication inner-vid-disabled (config-nvo)#evpn irb1 |
L3 Tunnel installation is unsuccessful. | Ensure that Prefix routes are installed in the VRF (VRF should have L3 VNID) Routing Table. #show ip route vrf <vrf_name> #show arp vrf <vrf_name> #show nvo vxlan |
Missing routes in the VRF routing table. Both connected and static. | • Ensure that IRB interfaces are UP and running. • Ensure that L3 Tunnel is UP and Running. • Ensure that "redistribute connected" is configured in the VRF address family to advertise the connected route. • Ensure that "redistribute static" is configured in the VRF address family to advertise the static route. • Ensure that if route is inactive in VRF routing database, then check that ARP resolution is successful for the next-hop for those routes. |
Symmetric Config: L3 traffic not flowing from one VNID to another VNID | • Ensure that all the interfaces are up and running including the IRB interfaces. • Ensure that ARP of that Host is resolved and added in "show arp vrf <vrf-table>" for both Local and Remote Host. • Ensure that destination routes are installed on the source VTEP using "show ip bgp vrf all" and "show ip route vrf all". |
Asymmetric Config: L3 traffic not flowing from one VNID to another VNID | • Ensure that all the interfaces are up and running including the IRB interfaces. • Ensure that ARP of that Host is resolved and added in "show arp vrf <vrf-table>" for both Local and Remote Host. |