Switching

Expand all | Collapse all

EVPN-VXLAN End hosts cannot ping l3 gateways on spine switches

Jump to Best Answer
  • 1.  EVPN-VXLAN End hosts cannot ping l3 gateways on spine switches

    Posted 08-11-2020 10:13

    Hi all

    I have a two spine and two leaf setup.
    I connected my end hosts to both leafs i.e multihomed way.

    I have configured EVPN-VXLAN on my leaf-spine switches.
    After configuration I can ping the IRBs configured on spine switches from leaf switches.
    But I can't ping the IRBs on spine switches through the end hosts.
    What might be the possible reasons .. actually I am new to vxlan-evpn so I don't know how to troubleshoot this..juniper documentation also don't help much in this regard..so please help if you have any idea in kind of circumstances this kind of problems can occur or how to troubleshoot such issue

     

    Leaf/spine switches model: QFX5200

    Please let me know if any portion of configuration is need to be posted here I will post accordin

    Thanks


    #vxlan
    #vlan
    #EVPN


  • 2.  RE: EVPN-VXLAN End hosts cannot ping l3 gateways on spine switches

    Posted 08-11-2020 10:22

    Hi Vinay,

     

    Can you post the configuration of spine switches and as well as the output of "show evpn database" from all spine and leaf. Please do highlight the mac address of host for my understanding.



  • 3.  RE: EVPN-VXLAN End hosts cannot ping l3 gateways on spine switches

    Posted 08-11-2020 11:43

    Hi Nupur 

    Please find attached config files.

     

    Attachment(s)

    txt
    spine-switch-01.txt   11 K 1 version
    txt
    leaf-switch-01.txt   9 K 1 version
    txt
    spine-switch-02.txt   11 K 1 version
    txt
    leaf-switch-02.txt   9 K 1 version


  • 4.  RE: EVPN-VXLAN End hosts cannot ping l3 gateways on spine switches

    Posted 08-11-2020 12:16
      |   view attached

    As show evpn database out is lengthy so not able to post here directly.

    So please find attached the same in file.

     

    My servers mac addresses are

    0c:42:a1:05:81:3f and 1c:34:da:70:39:73

    Attachment(s)



  • 5.  RE: EVPN-VXLAN End hosts cannot ping l3 gateways on spine switches

    Posted 08-11-2020 15:39

    Hi Vinay,

     

    On leaf 2 I see xe-0/0/20:1  and xe-0/0/23:1 configured and I believe these are customer facing interfaces. I don't see any customer facing interface configured on leaf 1. 

    Can you also post outputs of "show vlans" & "show ethernet-switching vxlan-tunnel-end-point esi" from leaf switches highlighting which VTEP is for whom. "show vlans" o/p should contain the esi interface, vteps to spine and leaf and also customer facing interface.

     

    Also verify who is elected designated forwarder for the esi's on spine by "show evpn instance".



  • 6.  RE: EVPN-VXLAN End hosts cannot ping l3 gateways on spine switches

     
    Posted 08-11-2020 19:51

    Hi Vinay

     

    If the end hosts are not able to ping the l3 gateway and the configuration is correct then you can follow the below approach for troubleshooting:

     

    1. Check if the mac address of the host is properly learned on the leaf switches.

    2. Check for the arp entry of the host on the spine devices.

    3. If arp entry is not there on the spine then try to ping from the host towards the l3 gateway and do a monitor traffic on the corresponding irb interface to check if the arp request is received on the spines and proper arp replies are sent.

    4. Try clearing the arp on the host as well as on the spines.

     Check for the following knobs 

     

    https://kb.juniper.net/InfoCenter/index?page=content&id=KB32854&cat=QFX5110&actp=LIST&showDraft=false

     

    Hope this helps



  • 7.  RE: EVPN-VXLAN End hosts cannot ping l3 gateways on spine switches

    Posted 08-12-2020 00:26
    Hi guys
    Thank you for your suggestions
    I am checking things according to your suggestions but one thing I want to conferm here is that somewhere I read that QFX5200 switches do not support vxlan L3 routing..but I am not sure about it
    Can anyone conferm whether QFX5200 can act as VXLAN L3 gateway or not?


  • 8.  RE: EVPN-VXLAN End hosts cannot ping l3 gateways on spine switches
    Best Answer

    Posted 08-12-2020 00:44

    Hi,

     

    You are right that QFX5200 does not support l3 vxlan routing. This is due to chipset limitations and is not solveable by a software update. The QFX5200 is based on the Broadcom Tomahawk chipset and QFX5100/EX4600 (Trident2) has the same issue.

     

    You will need either QFX5110's (Trident2+) or QFX5120 (Trident3) to utilize L3 vxlan routing on your spines or leafs.



  • 9.  RE: EVPN-VXLAN End hosts cannot ping l3 gateways on spine switches

    Posted 08-12-2020 01:46
    Oh that explains it...
    Thanks Jonas for the answer