Go to Qiita Advent Calendar 2024 Top
LoginSignup
yuki25135
@yuki25135 (優希 谷島)

Are you sure you want to delete the question?

If your question is resolved, you may close it.

Leaving a resolved question undeleted may help others!

We hope you find it useful!

cisco modeling labsにて、デフォルトGWのSVIにpingが通らない

Q&A

UbuntuCisconx-osevpnCML

Qiita用.png

解決したいこと

ubuntu-o , 2間で通信ができること、pingが通ること
ubuntu-o , 2 から、nxos9000-0(leaf-1) , nxos9000-3(leaf-2) に設定した
SVI(vlan interface 100)にpingができること、

発生している問題・エラー

■ubunts 0 のIPアドレス:inet 192.168.101.1/24
2: ens2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP     inet 192.168.101.1/24 brd 192.168.101.255 scope global ens2

■ubunts 2 のIPアドレス:inet 192.168.101.2/24
2: ens2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP     inet 192.168.101.2/24 brd 192.168.101.255 scope global ens2

■nxos9000-0(leaf-1)に設定したSVI  192.168.101.254/24
leaf-1# show interface vlan 101
 Internet Address is 192.168.101.254/24

■nxos9000-3(leaf-2)に設定したSVI 192.168.101.254/24
leaf-2# show interface vlan 101
Internet Address is 192.168.101.254/24
※leaf-1,2はanycast-gwで使います。

■ubunts 0からGWとubuntu2に対してpiingが失敗します。
cisco@ubunt-0:/etc/netplan$ ping 192.168.101.254
PING 192.168.101.254 (192.168.101.254) 56(84) bytes of data.
From 192.168.101.1 icmp_seq=1 Destination Host Unreachable

cisco@ubunt-0:/etc/netplan$ ping 192.168.101.2
PING 192.168.101.2 (192.168.101.2) 56(84) bytes of data.
From 192.168.101.1 icmp_seq=1 Destination Host Unreachable

自分で試したこと

vlan interface 101やubuntu , スイッチ間を結ぶすべてのintaerfaceが
upであることは確認しました。

以下コンフィグの詳細です。

■leaf-1のコンフィグ

leaf-1# show run

!Command: show running-config
!Running configuration last done at: Fri Feb  2 10:18:09 2024
!Time: Fri Feb  2 11:49:55 2024

version 9.3(8) Bios:version
hostname leaf-1
vdc leaf-1 id 1
  limit-resource vlan minimum 16 maximum 4094
  limit-resource vrf minimum 2 maximum 4096
  limit-resource port-channel minimum 0 maximum 511
  limit-resource u4route-mem minimum 248 maximum 248
  limit-resource u6route-mem minimum 96 maximum 96
  limit-resource m4route-mem minimum 58 maximum 58
  limit-resource m6route-mem minimum 8 maximum 8

nv overlay evpn
feature ospf
feature bgp
feature interface-vlan
feature vn-segment-vlan-based
feature nv overlay

no password strength-check
username admin password 5 $5$PNHALB$ebSjmJz39nSLKvODw2oU.sV0IHvjDn2gzRmM4AFfqi7  role network-admin
username cisco password 5 $5$MDNPDF$AAqpx61Cvtv1k/6kgSoYxx.hDKjHdEjTTlv.WhblTlC  role network-admin
username cisco passphrase  lifetime 99999 warntime 14 gracetime 3
ip domain-lookup
copp profile strict
snmp-server user admin network-admin auth md5 17686EDC709A71E74858707F34FE9026727D priv 366F21E34FB32BC96F00636737AD996C6553 localizedV2key
snmp-server user cisco network-admin auth md5 330839AF54EA378A792D29756CBCC1563847 priv 481E34E213BF24DC6625742238BBBD373951 localizedV2key
rmon event 1 log trap public description FATAL(1) owner PMON@FATAL
rmon event 2 log trap public description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 log trap public description ERROR(3) owner PMON@ERROR
rmon event 4 log trap public description WARNING(4) owner PMON@WARNING
rmon event 5 log trap public description INFORMATION(5) owner PMON@INFO

fabric forwarding anycast-gateway-mac 0001.0002.0003
vlan 1,101-103,150
vlan 101
  vn-segment 50101
vlan 102
  vn-segment 50102
vlan 103
  vn-segment 50103
vlan 150
  name Tenant-A
  vn-segment 50150

route-map Tenant-A permit 10
  match tag 50150
vrf context Tenant-A
  vni 50150
  rd auto
  address-family ipv4 unicast
    route-target both auto
    route-target both auto evpn
vrf context management


interface Vlan1

interface Vlan101
  no shutdown
  vrf member Tenant-A
  ip address 192.168.101.254/24 tag 50150
  fabric forwarding mode anycast-gateway

interface Vlan102
  no shutdown
  vrf member Tenant-A
  ip address 192.168.102.254/24 tag 50150
  fabric forwarding mode anycast-gateway

interface Vlan103
  no shutdown
  vrf member Tenant-A
  ip address 192.168.103.254/24 tag 50150
  fabric forwarding mode anycast-gateway

interface Vlan150
  description L3-vni_Tenant-A
  no shutdown
  vrf member Tenant-A

interface nve1
  no shutdown
  host-reachability protocol bgp
  source-interface loopback0
  member vni 50101-50103
    ingress-replication protocol bgp
  member vni 50150 associate-vrf

interface Ethernet1/1
  description To_Spine-1
  no switchport
  mtu 9216
  ip address 172.16.1.1/24
  ip ospf network point-to-point
  ip router ospf 1 area 0.0.0.0
  no shutdown

interface Ethernet1/2
  description To_Spine-2
  no switchport
  mtu 9216
  ip address 172.16.2.1/24
  ip ospf network point-to-point
  ip router ospf 1 area 0.0.0.0
  no shutdown

interface Ethernet1/3
  description To_ubuntu0
  switchport mode trunk
  switchport trunk allowed vlan 101-103

interface Ethernet1/4
~何も設定してないので省略
interface Ethernet1/64

interface mgmt0
  vrf member management

interface loopback0
  ip address 192.168.1.3/32
  ip router ospf 1 area 0.0.0.0
icam monitor scale

line console
line vty
boot nxos bootflash:/nxos.9.3.8.bin sup-1
router ospf 1
  router-id 192.168.1.3
router bgp 65001
  router-id 192.168.1.3
  log-neighbor-changes
  address-family ipv4 unicast
  address-family l2vpn evpn
  neighbor 192.168.1.4
    remote-as 65001
    update-source loopback0
    address-family ipv4 unicast
    address-family l2vpn evpn
      send-community
      send-community extended
  vrf Tenant-A
    address-family ipv4 unicast
      advertise l2vpn evpn
      redistribute direct route-map Tenant-A
evpn
  vni 50101 l2
    rd auto
    route-target import auto
    route-target export auto
  vni 50102 l2
    rd auto
    route-target import auto
    route-target export auto
  vni 50103 l2
    rd auto
    route-target import auto
    route-target export auto

■leaf-2のコンフィグ

leaf-2# show running-config

!Command: show running-config
!Running configuration last done at: Fri Feb  2 10:18:00 2024
!Time: Fri Feb  2 11:50:38 2024

version 9.3(8) Bios:version
hostname leaf-2
vdc leaf-2 id 1
  limit-resource vlan minimum 16 maximum 4094
  limit-resource vrf minimum 2 maximum 4096
  limit-resource port-channel minimum 0 maximum 511
  limit-resource u4route-mem minimum 248 maximum 248
  limit-resource u6route-mem minimum 96 maximum 96
  limit-resource m4route-mem minimum 58 maximum 58
  limit-resource m6route-mem minimum 8 maximum 8

nv overlay evpn
feature ospf
feature bgp
feature interface-vlan
feature vn-segment-vlan-based
feature nv overlay

no password strength-check
username admin password 5 $5$LEAFIM$gZJP4y3QDBdnMaZQzkWvA1aXB2lQypliQKgVEVISXY1  role network-admin
username cisco password 5 $5$KCNNLI$LMkqya9qKh.rxV0vgWyAoCtvK/RQzkYg0vGS9e/g9k7  role network-admin
username cisco passphrase  lifetime 99999 warntime 14 gracetime 3
ip domain-lookup
copp profile strict
snmp-server user admin network-admin auth md5 37675AC340941F6C60A946F2EC4F8EE37FCC priv 0044538048CC6C766BC21EEAFE11D5F56AE2 localizedV2key
snmp-server user cisco network-admin auth md5 21603FEE32F7232C3DA558FFAD088AE525B9 priv 164A4D8961E64E43599971B8F41FD4E271E0 localizedV2key
rmon event 1 log trap public description FATAL(1) owner PMON@FATAL
rmon event 2 log trap public description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 log trap public description ERROR(3) owner PMON@ERROR
rmon event 4 log trap public description WARNING(4) owner PMON@WARNING
rmon event 5 log trap public description INFORMATION(5) owner PMON@INFO

fabric forwarding anycast-gateway-mac 0001.0002.0003
vlan 1,101-103,150
vlan 101
  vn-segment 50101
vlan 102
  vn-segment 50102
vlan 103
  vn-segment 50103
vlan 150
  name Tenant-A
  vn-segment 50150

route-map Tenant-A permit 10
  match tag 50150
vrf context Tenant-A
  vni 50150
  rd auto
  address-family ipv4 unicast
    route-target both auto
    route-target both auto evpn
vrf context management


interface Vlan1

interface Vlan101
  no shutdown
  vrf member Tenant-A
  ip address 192.168.101.254/24 tag 50150
  fabric forwarding mode anycast-gateway

interface Vlan102
  no shutdown
  vrf member Tenant-A
  ip address 192.168.102.254/24 tag 50150
  fabric forwarding mode anycast-gateway

interface Vlan103
  no shutdown
  vrf member Tenant-A
  ip address 192.168.103.254/24 tag 50150
  fabric forwarding mode anycast-gateway

interface Vlan150
  description L3-vni_Tenant-A
  no shutdown
  vrf member Tenant-A

interface nve1
  no shutdown
  host-reachability protocol bgp
  source-interface loopback0
  member vni 50101-50103
    ingress-replication protocol bgp
  member vni 50150 associate-vrf

interface Ethernet1/1
  description To_Spine-1
  no switchport
  mtu 9216
  ip address 172.16.3.1/24
  ip ospf network point-to-point
  ip router ospf 1 area 0.0.0.0
  no shutdown

interface Ethernet1/2
  description To_Spine-2
  no switchport
  mtu 9216
  ip address 172.16.4.1/24
  ip ospf network point-to-point
  ip router ospf 1 area 0.0.0.0
  no shutdown

interface Ethernet1/3
  description To_ubuntu2
  switchport mode trunk
  switchport trunk allowed vlan 101-103

interface Ethernet1/4
~何も設定してないので省略
interface Ethernet1/64

interface mgmt0
  vrf member management

interface loopback0
  ip address 192.168.1.4/32
  ip router ospf 1 area 0.0.0.0
icam monitor scale

line console
line vty
boot nxos bootflash:/nxos.9.3.8.bin sup-1
router ospf 1
  router-id 192.168.1.4
router bgp 65001
  router-id 192.168.1.4
  log-neighbor-changes
  address-family ipv4 unicast
  address-family l2vpn evpn
  neighbor 192.168.1.3
    remote-as 65001
    update-source loopback0
    address-family ipv4 unicast
    address-family l2vpn evpn
      send-community
      send-community extended
  vrf Tenant-A
    address-family ipv4 unicast
      advertise l2vpn evpn
      redistribute direct route-map Tenant-A
evpn
  vni 50101 l2
    rd auto
    route-target import auto
    route-target export auto
  vni 50102 l2
    rd auto
    route-target import auto
    route-target export auto
  vni 50103 l2
    rd auto
    route-target import auto
    route-target export auto

■nxos9000-1(spine1のコンフィグ)


Spine-1# show running-config

!Command: show running-config
!Running configuration last done at: Fri Feb  2 09:17:50 2024
!Time: Fri Feb  2 11:54:30 2024

version 9.3(8) Bios:version
hostname Spine-1
vdc Spine-1 id 1
  limit-resource vlan minimum 16 maximum 4094
  limit-resource vrf minimum 2 maximum 4096
  limit-resource port-channel minimum 0 maximum 511
  limit-resource u4route-mem minimum 248 maximum 248
  limit-resource u6route-mem minimum 96 maximum 96
  limit-resource m4route-mem minimum 58 maximum 58
  limit-resource m6route-mem minimum 8 maximum 8

feature ospf

no password strength-check
username admin password 5 $5$BOKJGD$uf9lwTX15KqUpiauhp.P9haKMHXXhVShlXB67yQaBG2  role network-admin
username cisco password 5 $5$GEJEGH$vunHtw7WijdWr4Pwvm5fw4l7ZB1/0qSsyhB51eHSx86  role network-admin
username cisco passphrase  lifetime 99999 warntime 14 gracetime 3
ip domain-lookup
snmp-server user admin network-admin auth md5 054B318D148E94C48DBE4A2912AFF56BB670 priv 042F4EF84184ADA296B317775DADF648B020 localizedV2key
snmp-server user cisco network-admin auth md5 21414DEF5C958B8793B7002205A3FC44ED77 priv 204F11F953ACD791C5B21E670FBBF04B997B localizedV2key
rmon event 1 log trap public description FATAL(1) owner PMON@FATAL
rmon event 2 log trap public description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 log trap public description ERROR(3) owner PMON@ERROR
rmon event 4 log trap public description WARNING(4) owner PMON@WARNING
rmon event 5 log trap public description INFORMATION(5) owner PMON@INFO

vlan 1

vrf context management

interface Ethernet1/1
  description To_Leaf-1
  no switchport
  mtu 9216
  ip address 172.16.1.2/24
  ip ospf network point-to-point
  ip router ospf 1 area 0.0.0.0
  no shutdown

interface Ethernet1/2
  description To_Leaf-2
  no switchport
  mtu 9216
  ip address 172.16.3.2/24
  ip ospf network point-to-point
  ip router ospf 1 area 0.0.0.0
  no shutdown

interface Ethernet1/3

interface Ethernet1/4

interface Ethernet1/5

interface Ethernet1/6

interface Ethernet1/7
  description To_Spine-2
  no switchport
  mtu 9216
  ip address 172.16.10.1/24
  ip ospf network point-to-point
  ip router ospf 1 area 0.0.0.0
  no shutdown

interface Ethernet1/8
~何も設定してないので省略
interface Ethernet1/64

interface mgmt0
  vrf member management

interface loopback0
  ip address 192.168.1.1/32
  ip router ospf 1 area 0.0.0.0
icam monitor scale

line console
line vty
boot nxos bootflash:/nxos.9.3.8.bin sup-1
router ospf 1
  router-id 192.168.1.1

Spine-1#
Spine-1#
Spine-1#

■nxos9000-2のコンフィグ


Spine-2# show running-config

!Command: show running-config
!Running configuration last done at: Fri Feb  2 09:17:34 2024
!Time: Fri Feb  2 11:54:59 2024

version 9.3(8) Bios:version
hostname Spine-2
vdc Spine-2 id 1
  limit-resource vlan minimum 16 maximum 4094
  limit-resource vrf minimum 2 maximum 4096
  limit-resource port-channel minimum 0 maximum 511
  limit-resource u4route-mem minimum 248 maximum 248
  limit-resource u6route-mem minimum 96 maximum 96
  limit-resource m4route-mem minimum 58 maximum 58
  limit-resource m6route-mem minimum 8 maximum 8

feature ospf

no password strength-check
username admin password 5 $5$JDNPFF$jCcUmevxbgurtYVVOn1Yph/TL3NZ/pO6FB244CgWU61  role network-admin
username cisco password 5 $5$KPMNJL$K/3ffP167QBU.vyHuIwzgj0yZ0Km0Blx7fVdTX6.T.0  role network-admin
username cisco passphrase  lifetime 99999 warntime 14 gracetime 3
ip domain-lookup
snmp-server user admin network-admin auth md5 482AC6564797CECC1F373BF3CFED7D053E1D priv 207AEE7A5E89C8F72B141AE19EA226573C4A localizedV2key
snmp-server user cisco network-admin auth md5 321D9A0579F3B4B76B0C48E9C9AD511A2A4E priv 043BC3403CCEF9B2251066B092F64A491B74 localizedV2key
rmon event 1 log trap public description FATAL(1) owner PMON@FATAL
rmon event 2 log trap public description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 log trap public description ERROR(3) owner PMON@ERROR
rmon event 4 log trap public description WARNING(4) owner PMON@WARNING
rmon event 5 log trap public description INFORMATION(5) owner PMON@INFO

vlan 1

vrf context management

interface Ethernet1/1
  description To_Leaf-1
  no switchport
  mtu 9216
  ip address 172.16.2.2/24
  ip ospf network point-to-point
  ip router ospf 1 area 0.0.0.0
  no shutdown

interface Ethernet1/2
  description To_Leaf-2
  no switchport
  mtu 9216
  ip address 172.16.4.2/24
  ip ospf network point-to-point
  ip router ospf 1 area 0.0.0.0
  no shutdown

interface Ethernet1/3

interface Ethernet1/4

interface Ethernet1/5

interface Ethernet1/6

interface Ethernet1/7
  description To_Spine-1
  no switchport
  mtu 9216
  ip address 172.16.10.2/24
  ip ospf network point-to-point
  ip router ospf 1 area 0.0.0.0
  no shutdown

interface Ethernet1/8
~何も設定してないので省略
interface Ethernet1/64

interface mgmt0
  vrf member management

interface loopback0
  ip address 192.168.1.2/32
  ip router ospf 1 area 0.0.0.0
icam monitor scale

line console
line vty
boot nxos bootflash:/nxos.9.3.8.bin sup-1
router ospf 1
  router-id 192.168.1.2
![無題.png](https://qiita-image-store.s3.ap-northeast-1.amazonaws.com/0/1182928/62be4b5e-6f59-be53-406c-c35696580f7a.png)
![無題.png](https://qiita-image-store.s3.ap-northeast-1.amazonaws.com/0/1182928/8e495cdd-f5ad-e456-0c0a-51026f1515c1.png)

Spine-2#
Spine-2#
Spine-2#
0

1Answer

gx3n-inue
@gx3n-inue

Ubuntuのインタフェースも、スイッチ側と同様にtrunk(タグ付きVLAN)のインタフェース設定になってますかね?
タグ付きでVLAN番号もLeaf-1, 2 の Eth1/3と一致していないと通信できません。

0Like

Your answer might help someone💌

LoginSign Up