×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Trying to setup OTV on ASR1000 between two sites.

Unanswered Question
Nov 6th, 2014
User Badges:

Hello,

   I am trying to setup OTV between to sites I have attached the diagram. Router23 and Router26 are the OTV edge devices and Arista25 and Arista26 are the hosts both are in Vlan100 155.1.35.0/24 at both sites. I am trying to get Arista25 to reach Arista26 but I am unable too. I have the OTV adjacency up. However, when I try to initiate a ping from Arista25 to Arista26 I get no response. Below are the configs for Router23 and Router26.

 


Router23 Config:

ip multicast-routing distributed
!
!
!
!
!
!
!
!
!
!
!
otv site bridge-domain 1
!
otv site-identifier 0000.0000.0001
multilink bundle-name authenticated
!
!
!
!
!
!
!
spanning-tree extend system-id
!
!
redundancy
 mode none
!
!
!
!
!
!
ip tftp source-interface GigabitEthernet0
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Overlay1
 no ip address
 otv control-group 239.1.1.1
 otv data-group 232.0.0.1/32
 otv join-interface GigabitEthernet1
 service instance 100 ethernet
  encapsulation dot1q 100
  bridge-domain 100
 !
!
interface GigabitEthernet1
 mtu 9216
 ip address 100.100.100.1 255.255.255.0
 ip pim passive
 ip igmp version 3
 negotiation auto
!
interface GigabitEthernet2
 no ip address
 negotiation auto
 service instance 1 ethernet
  encapsulation untagged
  bridge-domain 1
 !
 service instance 100 ethernet
  encapsulation dot1q 100
  bridge-domain 100
 !
!
Router23#


Router26 Config:

ip multicast-routing distributed
!
!
!
!
!
!
!
!
!
!
!
otv site bridge-domain 1
!
otv site-identifier 0000.0000.0002
multilink bundle-name authenticated
!
!
!
!
!
!
!
spanning-tree extend system-id
!
!
redundancy
 mode none
!
!
!
!
!
!
ip tftp source-interface GigabitEthernet0
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Overlay1
 no ip address
 otv control-group 239.1.1.1
 otv data-group 232.0.0.1/32
 otv join-interface GigabitEthernet1
 service instance 100 ethernet
  encapsulation dot1q 100
  bridge-domain 100
 !
!
interface GigabitEthernet1
 mtu 9216
 ip address 100.100.100.2 255.255.255.0
 ip pim passive
 ip igmp version 3
 negotiation auto
!
interface GigabitEthernet2
 no ip address
 negotiation auto
 service instance 1 ethernet
  encapsulation untagged
  bridge-domain 1
 !
 service instance 100 ethernet
  encapsulation dot1q 100
  bridge-domain 100
 !
!
interface GigabitEthernet0
 vrf forwarding Mgmt-intf
 no ip address
 shutdown
 negotiation auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
ip pim ssm default
!
Router26#

Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Arthur Cruz Fri, 11/07/2014 - 05:55
User Badges:

Can you provide the output of:

sh otv

sh otv vlan

sh otv route vlan 100

 

Also just to confirm, did you verify with a ping that the connection between the ASRs supports larger MTUs?

ping x.x.x.x size 1542 df-bit

Victor Reyes II Fri, 11/07/2014 - 08:44
User Badges:

Below is what you requested. Regarding the MTU it is supporting the larger packets. I put the ping test below.

 

Router23:

Router23#sh otv
Overlay Interface Overlay1
 VPN name                 : None
 VPN ID                   : 1
 State                    : UP
 AED Capable              : Yes
 IPv4 control group       : 239.1.1.1
 Mcast data group range(s): 232.0.0.1/32
 Join interface(s)        : GigabitEthernet1
 Join IPv4 address        : 100.100.100.1
 Tunnel interface(s)      : Tunnel0
 Encapsulation format     : GRE/IPv4
 Site Bridge-Domain       : 1
 Capability               : Multicast-reachable
 Is Adjacency Server      : No
 Adj Server Configured    : No
 Prim/Sec Adj Svr(s)      : None

Router23#sh otv vlan
Key:  SI - Service Instance

Overlay 1 VLAN Configuration Information
 Inst VLAN  Bridge-Domain  Auth  Site Interface(s)
 0    100   100            yes   Gi2:SI100
 Total VLAN(s): 1
 Total Authoritative VLAN(s): 1

Router23#sh otv route vlan 100

Codes: BD - Bridge-Domain, AD - Admin-Distance,
       SI - Service Instance, * - Backup Route

OTV Unicast MAC Routing Table for Overlay1

 Inst VLAN BD     MAC Address    AD    Owner  Next Hops(s)
----------------------------------------------------------

0 unicast routes displayed in Overlay1

----------------------------------------------------------
0 Total Unicast Routes Displayed

Router23#

 

Router23#ping 100.100.100.2 size 1542 df-bit
Type escape sequence to abort.
Sending 5, 1542-byte ICMP Echos to 100.100.100.2, timeout is 2 seconds:
Packet sent with the DF bit set
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 22/65/115 ms
Router23#

-----------------------------

Router26#sh otv
Overlay Interface Overlay1
 VPN name                 : None
 VPN ID                   : 1
 State                    : UP
 AED Capable              : Yes
 IPv4 control group       : 239.1.1.1
 Mcast data group range(s): 232.0.0.1/32
 Join interface(s)        : GigabitEthernet1
 Join IPv4 address        : 100.100.100.2
 Tunnel interface(s)      : Tunnel0
 Encapsulation format     : GRE/IPv4
 Site Bridge-Domain       : 1
 Capability               : Multicast-reachable
 Is Adjacency Server      : No
 Adj Server Configured    : No
 Prim/Sec Adj Svr(s)      : None

Router26#sh otv vlan
Key:  SI - Service Instance

Overlay 1 VLAN Configuration Information
 Inst VLAN  Bridge-Domain  Auth  Site Interface(s)
 0    100   100            yes   Gi2:SI100
 Total VLAN(s): 1
 Total Authoritative VLAN(s): 1

Router26#sh otv route vlan 100

Codes: BD - Bridge-Domain, AD - Admin-Distance,
       SI - Service Instance, * - Backup Route

OTV Unicast MAC Routing Table for Overlay1

 Inst VLAN BD     MAC Address    AD    Owner  Next Hops(s)
----------------------------------------------------------

0 unicast routes displayed in Overlay1

----------------------------------------------------------
0 Total Unicast Routes Displayed

Router26#ping 100.100.100.1 size 1542 df-bit
Type escape sequence to abort.
Sending 5, 1542-byte ICMP Echos to 100.100.100.1, timeout is 2 seconds:
Packet sent with the DF bit set
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/3 ms
Router26#

 

 

 

 

Arthur Cruz Fri, 11/07/2014 - 12:00
User Badges:

Thanks, can you dump the mac address tables on the ASRs to see if they're learning the macs from your switch?

Victor Reyes II Fri, 11/07/2014 - 14:17
User Badges:

That's the issue I am not learning the mac address on bridge-domain 100. I am only seeing mac address on bridge-domain 1 which is the site vlan. Below is what I see on both routers and both bridge-domain 1 and bridge-domain 100. Thank you

 

Router23:

 

Router23#sh bridge-domain 1
Bridge-domain 1 (1 ports in all)
State: UP                    Mac learning: Enabled
Aging-Timer: 300 second(s)
    GigabitEthernet2 service instance 1
   MAC address    Policy  Tag       Age  Pseudoport
   000C.29C8.C070 forward dynamic   240  GigabitEthernet2.EFP1

Router23#sh bridge-domain 100
Bridge-domain 100 (2 ports in all)
State: UP                    Mac learning: Enabled
Aging-Timer: 1800 second(s)
    GigabitEthernet2 service instance 100
    Overlay1 service instance 100
   MAC address    Policy  Tag       Age  Pseudoport
   FFFF.FFFF.FFFF flood   static    0    OLIST_PTR:0xe946a800

 

Router26:

Router26#sh bridge-domain 1
Bridge-domain 1 (1 ports in all)
State: UP                    Mac learning: Enabled
Aging-Timer: 300 second(s)
    GigabitEthernet2 service instance 1
   MAC address    Policy  Tag       Age  Pseudoport
   000C.291F.14AB forward dynamic   83   GigabitEthernet2.EFP1

Router26#sh bridge-domain 100
Bridge-domain 100 (2 ports in all)
State: UP                    Mac learning: Enabled
Aging-Timer: 1800 second(s)
    GigabitEthernet2 service instance 100
    Overlay1 service instance 100
   MAC address    Policy  Tag       Age  Pseudoport
   FFFF.FFFF.FFFF flood   static    0    OLIST_PTR:0xe9cde830

Router26#

 

Arthur Cruz Fri, 11/07/2014 - 16:33
User Badges:

Can you confirm it is spanning-tree forwarding on the connected switch (sh spann vlan 100)?

Victor Reyes II Fri, 11/07/2014 - 17:38
User Badges:

Yes spanning-tree is forwarding for vlan 100. Please see below:

Arista26:

Arista26#sh span vlan 100
Spanning tree instance for vlan 100
MST0
  Spanning tree enabled protocol mstp
  Root ID    Priority    32768
             Address     000c.291f.14ab
             This bridge is the root

  Bridge ID  Priority    32768  (priority 32768 sys-id-ext 0)
             Address     000c.291f.14ab
             Hello Time  2.000 sec  Max Age 20 sec  Forward Delay 15 sec

Interface        Role       State      Cost      Prio.Nbr Type
---------------- ---------- ---------- --------- -------- --------------------
Et2              designated forwarding 2000      128.2    P2p

Arista26#

 

Arista25:

Arista25#sh span vlan 100
Spanning tree instance for vlan 100
MST0
  Spanning tree enabled protocol mstp
  Root ID    Priority    32768
             Address     000c.29c8.c070
             This bridge is the root

  Bridge ID  Priority    32768  (priority 32768 sys-id-ext 0)
             Address     000c.29c8.c070
             Hello Time  2.000 sec  Max Age 20 sec  Forward Delay 15 sec

Interface        Role       State      Cost      Prio.Nbr Type
---------------- ---------- ---------- --------- -------- --------------------
Et2              designated forwarding 2000      128.2    P2p

Arista25#

 

 

Arthur Cruz Fri, 11/07/2014 - 18:23
User Badges:

I'm not sure man. It doesn't appear to be an OTV issue since we're not even learning the mac address from the host. I've only seen this in two situations:

A missconfiguration of the LAN port on either the otv switch or the downstream switch.

Or a "silent host" that relies on unknown unicast flooding. Microsoft NLB in unicast mode works that way. In that case a static mac entry is required on the otv Edge device.

Good luck. When I get a chance I'll lab it up to verify the config, but it looks ok.

Victor Reyes II Fri, 11/07/2014 - 21:40
User Badges:

Alright thanks a lot for trying. Please let me know your findings if you ever get a chance to lab this up. Thank you

Actions

This Discussion

Related Content