EMAIL SUPPORT
dclessons@dclessons.comLOCATION
AFL3 Datapath – Deep Dive
L3 Datapath Scenarios
Let’s understand how L3 Forwarding is done. Forwarding flow based on L2 that was already explained earlier.
If the packet coming into leaf is L3 based, the first thing leaf checks is familiarity with destination IP address of EP. If the leaf switch already knows the IP address it forwards the packet to local port (if destination IP is on local leaf) or to remote leaf (if destination IP is not on local leaf).
If leaf doesn‘t know the destination IP address of EP, it will check its routing table to see if it has BD subnet for that destination IP in its routing table.
If BD subnet is present, ingress leaf will forward the packet to Spine Proxy. Spine Proxy will check its COOP database and forward the packet to remote leaf or start with ARP glean (if destination IP is not in COOP database).
If BD subnet is not present in routing table, it searches for any other entry in routing table. If there is a L3Out route the ingress leaf will forward the packet to appropriate border leaf. If there isn‘t any route in the routing table, ingress leaf will drop the packet.
Pervasive Gateway:
Pervasive GW is configured as "Subnets" under BD .Pervasive GW is a default GW and at the same time represents subnets (IP ranges) which belong to the BD. Pervasive GW is installed as SVI to all leaf switches which have Endpoints for the BD (so that every server can have one-hop away default GW) When multiple Pervasive GWs are configured on the same BD, SVI will have secondary IP Pervasive Routes may be propagated to leaf switches that don't have local EP for that BD.
Example:
BD-A/EPG-A only on Leaf-1, BD-B/EPG-B only on Leaf2 and a contract is tied between EPG-A and B. SVI-A is created on Leaf-1, SVI-B is created on Leaf-2 due to the contract
- Route-A is installed on Leaf-2 without SVI-A
- Route-B is installed on Leaf-I without SVI-B
Comment
-
-
DC
Added
- dclessons1
- Jul 06, 2021
-
-
-
DC
Hi Yan , Can you please let us know where and on which area you find the digram missing , Please let me know the line or section for more specific.
- dclessons1
- Oct 14, 2020
-
DC
Hi Yan , Can you please let us know where and on which area you find the digram missing , Please let me know the line or section for more specific.
- dclessons1
- Oct 14, 2020
-
DC
Added
- dclessons1
- Jul 06, 2021
-
-
MA
Example 1 and "To check the Routing before Contracts and after Contracts:" these section diagrams are missing.
-
DC
Added
- dclessons1
- Jul 06, 2021
-
-
DS
For Leaf if the destination IP is unkown it can still route the traffic to spine proxy if there is no contract permitting the traffic ?
LEAVE A COMMENT
Please login here to comment.