Log in to ask questions, share your expertise, or stay connected to content you value. Don’t have a login? Learn how to become a member.
I have a two spine and two leaf setup.I connected my end hosts to both leafs i.e multihomed way.
I have configured EVPN-VXLAN on my leaf-spine switches.After configuration I can ping the IRBs configured on spine switches from leaf switches.But I can't ping the IRBs on spine switches through the end hosts.What might be the possible reasons .. actually I am new to vxlan-evpn so I don't know how to troubleshoot this..juniper documentation also don't help much in this regard..so please help if you have any idea in kind of circumstances this kind of problems can occur or how to troubleshoot such issue
Leaf/spine switches model: QFX5200
Please let me know if any portion of configuration is need to be posted here I will post accordin
Can you post the configuration of spine switches and as well as the output of "show evpn database" from all spine and leaf. Please do highlight the mac address of host for my understanding.
Please find attached config files.
As show evpn database out is lengthy so not able to post here directly.
So please find attached the same in file.
My servers mac addresses are
0c:42:a1:05:81:3f and 1c:34:da:70:39:73
On leaf 2 I see xe-0/0/20:1 and xe-0/0/23:1 configured and I believe these are customer facing interfaces. I don't see any customer facing interface configured on leaf 1.
Can you also post outputs of "show vlans" & "show ethernet-switching vxlan-tunnel-end-point esi" from leaf switches highlighting which VTEP is for whom. "show vlans" o/p should contain the esi interface, vteps to spine and leaf and also customer facing interface.
Also verify who is elected designated forwarder for the esi's on spine by "show evpn instance".
If the end hosts are not able to ping the l3 gateway and the configuration is correct then you can follow the below approach for troubleshooting:
1. Check if the mac address of the host is properly learned on the leaf switches.
2. Check for the arp entry of the host on the spine devices.
3. If arp entry is not there on the spine then try to ping from the host towards the l3 gateway and do a monitor traffic on the corresponding irb interface to check if the arp request is received on the spines and proper arp replies are sent.
4. Try clearing the arp on the host as well as on the spines.
Check for the following knobs
Hope this helps
You are right that QFX5200 does not support l3 vxlan routing. This is due to chipset limitations and is not solveable by a software update. The QFX5200 is based on the Broadcom Tomahawk chipset and QFX5100/EX4600 (Trident2) has the same issue.
You will need either QFX5110's (Trident2+) or QFX5120 (Trident3) to utilize L3 vxlan routing on your spines or leafs.