Got it
Huawei Enterprise Support Community
Community Forums Routing & Switching
VXLAN can't ping each oth...

VXLAN can't ping each other after apply traffic policy

Latest reply: Dec 29, 2018 12:18:27 1297 13 11 0 2
display all floors 1#

Problem description

Please help to check since we can’t ping the same subnet between VXLAN after applying traffic-policy, but another different subnet is fine.

Below a sample of config:


[~switch-COR01-acl4-advance-3024]dis this

#

aclnumber 3024

rule 5 permit ip vpn-instance vrf_global destination 10.2.30.0 0.0.0.15

rule 6 permit icmp vpn-instance vrf_global

rule 9

 

bridge-domain 24

traffic-policy P3024 inbound   “we apply this one”


Problem Analysis

Ask the customer to explain the issue in details and feedback network topo diagnose information. Customer request for remote troubleshooting and help.


Root Cause

It is a configuration issue and ACL deny the XVLAN underlay traffic.


SolutionDescription

It is a configuration issue and ACL deny the XVLAN underlay traffic.

acl number 3024

 rule 9 deny ip vpn-instance vrf_global destination 172.16.0.0 0.15.255.255

acl 3024

 undo rule 9


  • x
  • convention:

Like (11) Dislike (0) Favorite(2) Share Report
Previous: portal authentication for BRAS user on ME60
Next: How can Cisco 2911 configure PPPOE to Internet?
Skay
Created Dec 22, 2018 05:53:01

Good example and learned a lot .
View more
  • x
  • convention:
yiyi0519
Created Dec 22, 2018 08:43:27

VXLAN is used on the data center, can you introduce more about it?
View more
  • x
  • convention:
Finn92
Created Dec 22, 2018 09:33:33

so it's a traffic policy issue , maybe you can introduce VXlan more , i wonder to know it's feature .
View more
  • x
  • convention:
wissal
MVE Created Dec 22, 2018 17:49:02

Detailed description of the problem and how to solve it.
View more
  • x
  • convention:
wissal
MVE Created Dec 22, 2018 17:50:03

useful
View more
  • x
  • convention:
yechao99
Created Dec 25, 2018 02:48:52

VXLAN is new tech, study and hope for more
View more
  • x
  • convention:
yjhd
Created Dec 26, 2018 02:59:01

rule 9 deny ip vpn-instance vrf_global destination 172.16.0.0 0.15.255.255
View more
  • x
  • convention:
No.9527
Created Dec 26, 2018 03:07:15

Defined in RFC 7348, Virtual eXtensible Local Area Network (VXLAN) is a Network Virtualization over Layer 3 (NVO3) technology that uses MAC-in-UDP encapsulation.
View more
  • x
  • convention:
GongXiaochuan
Created Dec 26, 2018 07:57:50

customer the rule 9 has empty ,add below rule is working fine, good to know

rule 9 deny ip vpn-instance vrf_global destination 172.16.0.0 0.15.255.255
View more
  • x
  • convention:
12
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.