09-02-2013 04:57 AM
Hello,
I have ASR 9000 and some wimax AP. There is problem with communication between client antenas ( hosts behind antenas).
Clients doesnt have problem with communication to Internet.
There are some Access Points - each one with different vlan, to make all clients cpe's work in one subnet I put off vlans on ASR subinterface
and bind all connections to route interface BVI1 - whitch have helper address configured to my dhcp server.
DHCP SERWER ---- (ASR 9k) - subinterfaces g0/1/0/1.10- ---- Wimax AP (vlan 10) - client CPE
-subinterfaces g0/1/0/1.11- ---- Wimax AP (vlan 11) - client CPE
- subinterfaces g0/1/0/1.12- ---- Wimax AP (vlan 12) - client CPE
interface GigabitEthernet0/1/0/1.10 l2transport
encapsulation dot1q 10
rewrite ingress tag pop 1 symmetric
interface GigabitEthernet0/1/0/1.11 l2transport
encapsulation dot1q 11
rewrite ingress tag pop 1 symmetric
interface GigabitEthernet0/1/0/1.12 l2transport
encapsulation dot1q 12
rewrite ingress tag pop 1 symmetric
interface BVI1
ipv4 helper-address vrf default 192.168.100.1
ipv4 address x.x.x.x 255.255.252.0 ( 4 subnets, one mask and gateway)
l2vpn
bridge group Wireless
bridge-domain w-max
mac
aging
time 600
!
!
interface GigabitEthernet0/1/0/1.10
split-horizon group
interface GigabitEthernet0/1/0/1.11
split-horizon group
interface GigabitEthernet0/1/0/1.12
split-horizon group
routed interface BVI1
Strange is that with split-horizon configured cpe get IP address from dhcp, without split horizon cpe cant connect to dhcp-serwer -strange,
with split-horizon cpe can get IP and has Internet access but cant connect to other cpe's.
Solved! Go to Solution.
09-12-2013 12:26 PM
AC's in the SAME split horizon group can't talk to each other, so that is correctly working.
If 2 devices in the same subnet want to talk with each other, they will ARP for the other's address, since they are in teh same SHG, that arp is not seen from one host to another.
The gateway does receive the ARP but says, hmm in local subnet, I dont need to respond and this is also not for me anyway. So that is also correct.
What you may need to configure on the gateway intf is (local)proxy arp for the GW to respond to arp requests even if they are in the local subnet and even if they are not for him.
That way all sub to sub or AC to AC traffic will go via the gateway.
regards
xander
09-03-2013 01:18 AM
I did some troubleshooting and found some interesting facts about configuration and how make it work - partly.
On all subinterfaces I have also configured mirroring - to log connections. The configuraiton is like below:
interface GigabitEthernet0/1/0/1.10 l2transport
encapsulation dot1q 10
rewrite ingress tag pop 1 symmetric
monitor-session monitor11 direction rx-only
interface GigabitEthernet0/1/0/1.11 l2transport
encapsulation dot1q 11
rewrite ingress tag pop 1 symmetric
monitor-session monitor11 direction rx-only
interface GigabitEthernet0/1/0/1.12 l2transport
encapsulation dot1q 12
rewrite ingress tag pop 1 symmetric
monitor-session monitor11 direction rx-only
I din`t mention it in previous configuration, I thought it has no meaning.
When It is configured - I cant ping or connect any device behind any subinterface ( still can connect Internet), when remove from interface and remove split-horizon - It Works.
Is that a bug?
Still dont understand why hosts (with split-horizon) cant connect each other via gateway which is root in split horizon topology?
09-12-2013 12:26 PM
AC's in the SAME split horizon group can't talk to each other, so that is correctly working.
If 2 devices in the same subnet want to talk with each other, they will ARP for the other's address, since they are in teh same SHG, that arp is not seen from one host to another.
The gateway does receive the ARP but says, hmm in local subnet, I dont need to respond and this is also not for me anyway. So that is also correct.
What you may need to configure on the gateway intf is (local)proxy arp for the GW to respond to arp requests even if they are in the local subnet and even if they are not for him.
That way all sub to sub or AC to AC traffic will go via the gateway.
regards
xander
09-12-2013 11:46 PM
Thanks Alexander,
So if I understand correctly, only way hosts can talk with each other within one big subnet is:
- remove split-horizon
- configure proxy-arp
I have also question about "bug" with port monitor feature when split-horizon is not configured:
When removing split-horizon, everything is working unless I configure monitor session on all Subinterfaces. When configured then there is no connection to hosts - strange. But with split-horizon on and monitor session on everything is working.
Is that correct ?
09-13-2013 05:59 AM
that is correct, either no split horizon to allow AC to AC connectivity or with split horizon you would need (local) proxy arp
for the gateway to provide an ARP response from one host to another that normally cant see each other due to SH.
the absence of SHG's and applying port monitor to span traffic should not affect your operation obviously.
I suspect arp punting or flooding being an issue, if this is a problem I would file a TAC case and have it investigated as this should work.
cheers!
xander
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: