No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

CE7855 Vxlan issue

Publication Date:  2018-07-30 Views:  135 Downloads:  0
Issue Description
Topo:VM----USG6650----LeafCE6855---Spine7855----S5700----internet FW------internet

Issue:VM can reach Spine , Spine can reach internet , but VM cannot reach to interne .

Handling Process

Keep Ping from VM to internet FW.

1、Capture packets on Spine , then find the packets have already send to S5700 

2、Capture packets on S5700(this is layer 2 switch ), then find the packts have already send to internet FW

3、Capture packets on internet FW , but no packets have been send to internet FW.


then check the packets on S5700 , find the destination MAC-address is not internet FW interface MAC-address , check the ARP table , it's correct .

So the question is the destination MAC-address is wrong , we think maybe there are some wrong on VXLAN configuration .

After checking the product document of CE7855 , find below information:

When CE7855-EI works as a Layer 3 VXLAN gateway, it can connect to a VXLAN network through VBDIF interfaces only. Otherwise, the switch cannot normally forward VXLAN packets.

Root Cause

When CE7855-EI works as a Layer 3 VXLAN gateway, it can connect to a VXLAN network through VBDIF interfaces only. Otherwise, the switch cannot normally forward VXLAN packets.

Solution

Change the vlanif that connect s5700 to Vbdif .

then traffic is normal.

END