LAB 7 Traffic Forwarding Method in BD

Test ARP Flooding and ARP Gleaning

The default forwarding method for Layer 2 unknown unicast traffic is to use the hardware proxy with Address Resolution Protocol (ARP) flooding enabled. You will test this behavior.

Use PuTTY to connect to the WEB server. Ping a non-existent IP address, such as 10.0.1.3, and keep the ping running.

Use PuTTY to connect through SSH to the APP server. Sniff ARP traffic on the fabric adapter using the tcpdump -ni ens160 arp command (add the -v option for verbose output).

Go to tenant Sales and disable ARP flooding in the Presales_BD bridge domain. Click Submit and Submit Changes.

On the APP_VM, re-examine the tcpdump output.
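To compare the two tcpdump captures, the following added example (not part of the original lab) tallies which sender IP asks for the non-existent address. The sample lines, the WEB VM address 10.0.1.1 and the bridge domain gateway address 10.0.1.254 are constructed, and the example assumes that with ARP flooding enabled the WEB VM's own requests reach the APP VM, while with it disabled only glean requests sourced from the gateway address do.

```python
import re
from collections import Counter

# Matches an ARP request in both the default and the -v tcpdump layouts.
ARP_REQUEST = re.compile(r"Request who-has (\S+) (?:\(\S+\) )?tell ([\d.]+)")

def arp_request_senders(tcpdump_text, target_ip):
    """Count ARP requests for target_ip, keyed by the sender ("tell") IP."""
    senders = Counter()
    for line in tcpdump_text.splitlines():
        match = ARP_REQUEST.search(line)
        if match and match.group(1) == target_ip:
            senders[match.group(2)] += 1
    return senders

def classify(senders, host_ip, gateway_ip):
    """Label a capture by who originated the requests seen on this port.

    Assumption: flooded requests keep the original host as sender, while
    glean requests are sourced from the bridge domain gateway address.
    """
    if senders.get(host_ip):
        return "flooded"
    if senders.get(gateway_ip):
        return "glean"
    return "none"

# Constructed sample captures; all addresses are placeholders.
WEB_IP, GATEWAY_IP, TARGET_IP = "10.0.1.1", "10.0.1.254", "10.0.1.3"

FLOODING_ENABLED = """\
10:15:01.000101 ARP, Request who-has 10.0.1.3 tell 10.0.1.1, length 46
10:15:02.000230 ARP, Request who-has 10.0.1.3 tell 10.0.1.1, length 46
10:15:03.000187 ARP, Request who-has 10.0.1.3 tell 10.0.1.1, length 46
"""

FLOODING_DISABLED = """\
10:20:01.000412 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 10.0.1.3 tell 10.0.1.254, length 46
10:20:03.000398 ARP, Request who-has 10.0.1.3 tell 10.0.1.254, length 46
10:20:04.000377 ARP, Request who-has 10.0.1.2 tell 10.0.1.254, length 46
"""

if __name__ == "__main__":
    for name, capture in (("enabled", FLOODING_ENABLED), ("disabled", FLOODING_DISABLED)):
        senders = arp_request_senders(capture, TARGET_IP)
        print(name, dict(senders), classify(senders, WEB_IP, GATEWAY_IP))
```
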

Compare Hardware Proxy vs. Flooding of Layer 2 Unknown Unicast

The default forwarding method for Layer 2 unknown unicast traffic is to use the hardware proxy. You will change the bridge domain Presales_BD to flood Layer 2 unknown unicast.

Before changing the bridge domain setting, you will allow promiscuous mode in the vSwitch and configure static ARP entries on the WEB and APP VMs. This will enable the endpoints to send unicast packets while the fabric does not learn any endpoints through ARP.

In the vSphere Client, select the host (192.168.10.62) and choose Configure > Networking > Virtual Switches > DUAL.

Click the EDIT (pencil button) of the vSwitch DUAL. In Security > Promiscuous Mode, choose Accept and click OK.

On the WEB_VM and APP_VM, check the MAC and IP addresses on the fabric interfaces using the ip address show dev ens160 command.

On the WEB_VM, configure a static ARP entry for the APP_VM using the ip neighbor add command and verify the ARP cache.

On the WEB_VM, create another static ARP entry for a non-existent host (IP 10.0.1.4, MAC 00:00:00:00:00:11).

On the APP_VM, use the same procedure to configure a static ARP entry for the WEB_VM.

In the Cisco Application Policy Infrastructure Controller (APIC) user interface, in the bridge domain Presales_BD, choose the Policy > General tab and change the L2 Unknown Unicast setting to Flood. Click OK in the warning pop-up about the ARP flooding requirement.

