You can configure ICMP Redirect on
tenant EPG network.
About this task
Follow this procedure to enable or
disable ICMP Redirect on tenant EPG networks.You can enable or disable ICMP Redirect
when you create or update an EPG using the port-group-add, ctag-range-add, vrf-add,
and network-property-add or update operations.
Note
- XGS-based platforms (Extreme 8720, 8520, SLX 9150 and 9250) and J2-based SLX
9740 platform do not support ASIC for the ICMP Redirect.
- SLX-OS 20.5.1 does not
support IP ICMP Redirect.
- Only DNX-based platforms (SLX
9540 and 9640) support ASIC for the IP ICMP Redirect.
- If you configure IP ICMP
Redirect on supported platforms and later upgrade SLX to
non-supporting platforms, then ensure to clean up the stale ICMP
configuration on the existing VEs of XCO.
Procedure
-
To configure ICMP Redirect when
you create an EPG, run the following command:
efa tenant epg create –-name <epg-name> --tenant <tenant-name>
--ip-icmp-redirect <ctag:ip-icmp-redirect>
--ipv6-icmp-redirect <ctag:ipv6-icmp-redirect>
-
To configure ICMP Redirect when
you update an EPG, run the following command:
efa tenant epg update –-name <epg-name> --tenant <tenant-name>
--ip-icmp-redirect <ctag:ip-icmp-redirect>
--ipv6-icmp-redirect <ctag:ipv6-icmp-redirect>
-
Verify the following
configuration on SLX device.
Rack1-Device1# show running-config interface Ve 19
interface Ve 19
vrf forwarding vrf1
ip anycast-address 3.33.3.3/24
ip mtu 1600
ip icmp redirect
ipv6 anycast-address 500::10/31
ipv6 address 700::10/31
ipv6 icmpv6 redirect
no shutdown
!
|
Rack1-Device2#show running-config interface Ve 19
interface Ve 19
vrf forwarding vrf1
ip anycast-address 3.33.3.3/24
ip mtu 1600
ip icmp redirect
ipv6 anycast-address 500::10/31
ipv6 address 700::10/31
ipv6 icmpv6 redirect
no shutdown
!
|
For syntax and command examples, see the
ExtremeCloud Orchestrator Command Reference,
3.2.1
Example
The following example configures an
ICMP Redirect on a tenant EPG
network:
efa tenant create --name t1 --vrf-count 10 --vlan-range 10-40 --port 10.20.246.1[0/16-30],10.20.246.2[0/16-30] --l2-vni-range 1-40 --l3-vni-range 5000-50100
efa tenant po create --name po1 --tenant t1 --port 10.20.246.1[0/25],10.20.246.2[0/25] --speed 1Gbps --negotiation active
efa tenant vrf create --name vrf1 --tenant t1
efa tenant epg create --tenant "t1" --name "epg1" --type extension --switchport-mode trunk --single-homed-bfd-session-type auto --po po1 --vrf vrf1 --ctag-range 19 --l3-vni 5001 --anycast-ip 19:3.33.3.3/24 --bridge-domain 19:Auto-BD-2 --ctag-description "19:Tenant L3 Extended BD" --l2-vni 19:2 --ip-mtu 19:1600 --ip-icmp-redirect 19:true --ipv6-icmp-redirect 19:true
efa tenant epg update --tenant "t1" --name "epg1" --operation vrf-delete --vrf vrf1
efa tenant epg update --tenant "t1" --name "epg1" --operation vrf-add --vrf vrf1 --ctag-range 19 --l3-vni 5001 --anycast-ip 19:3.33.3.3/24 --ctag-description "19:Tenant L3 Extended BD" --l2-vni 19:2 --ip-mtu 19:1600 --ip-icmp-redirect 19:true --ipv6-icmp-redirect 19:true --anycast-ipv6 19:500::10/31 --local-ipv6 19,10.20.246.1:700::10/31 --local-ipv6 19,10.20.246.2:700::10/31
efa tenant epg update --tenant "t1" --name "epg1" --operation ctag-range-add --ctag-range 20 --anycast-ip 20:4.33.3.3/24 --ctag-description "20:Tenant L3 Extended BD" --l2-vni 20:3 --ip-icmp-redirect 20:true
efa tenant epg update --tenant "t1" --name "epg1" --operation network-property-add --ipv6-icmp-redirect 20:true --anycast-ipv6 20:600::10/31 --local-ipv6 20,10.20.246.1:800::10/31 --local-ipv6 20,10.20.246.2:800::10/31
========================== EPG CREATE==================================
efa tenant create --name t1 --vrf-count 10 --vlan-range 10-40 --port 10.20.246.1[0/16-30],10.20.246.2[0/16-30] --l2-vni-range 1-40 --l3-vni-range 5000-50100
Tenant created successfully.
--- Time Elapsed: 76.613817ms ---
efa tenant po create --name po1 --tenant t1 --port 10.20.246.1[0/25],10.20.246.2[0/25] --speed 1Gbps --negotiation active
Port Channel created successfully.
--- Time Elapsed: 9.631186916s ---
efa tenant vrf create --name vrf1 --tenant t1
Vrf created successfully.
--- Time Elapsed: 105.271133ms ---
abc@abc-virtual-machine:~/GoDCApp/GoCommon/bin$
efa tenant show
+------+---------+------------+-------------+-------------+-----------+-----------+-----------------------+--------------------------+
| Name | Type | VLAN Range | L2VNI Range | L3VNI Range | VRF Count | Enable BD | Ports | Mirror Destination Ports |
+------+---------+------------+-------------+-------------+-----------+-----------+-----------------------+--------------------------+
| t1 | private | 10-40 | 1-40 | 5000-50100 | 10 | false | 10.20.246.1[0/16-30] | |
| | | | | | | | 10.20.246.2[0/16-30] | |
+------+---------+------------+-------------+-------------+-----------+-----------+-----------------------+--------------------------+
Tenant Details
--- Time Elapsed: 32.431956ms ---
efa tenant po show
+------+--------+----+-------+-----+-------------+----------+---------+--------------------+------------+-------------+-------------+
| Name | Tenant | ID | Speed | MTU | Negotiation | Min Link | Lacp | Ports | State | Dev State | App State |
| | | | | | | Count | Timeout | | | | |
+------+--------+----+-------+-----+-------------+----------+---------+--------------------+------------+-------------+-------------+
| po1 | t1 | 1 | 1Gbps | | active | 1 | long | 10.20.246.1[0/25] | po-created | provisioned | cfg-in-sync |
| | | | | | | | | 10.20.246.2[0/25] | | | |
+------+--------+----+-------+-----+-------------+----------+---------+--------------------+------------+-------------+-------------+
Port Channel Details
--- Time Elapsed: 58.50989ms ---
efa tenant vrf show
+------+--------+--------------+---------------------+--------------+--------------+----------+-----------+-----------+-------------+-----------------+-----------+
| Name | Tenant | Routing Type | Centralized Routers | Enable L3 | Redistribute | Max Path | Local Asn | Enable GR | State | Dev State | App State |
| | | | | Extension | | | | | | | |
+------+--------+--------------+---------------------+--------------+--------------+----------+-----------+-----------+-------------+-----------------+-----------+
| vrf1 | t1 | distributed | | true | connected | 8 | | false | vrf-created | not-provisioned | cfg-ready |
+------+--------+--------------+---------------------+--------------+--------------+----------+-----------+-----------+-------------+-----------------+-----------+
Vrf Details
--- Time Elapsed: 93.298864ms ---
abc@abc-virtual-machine:~/GoDCApp/GoCommon/bin$
efa tenant epg create --tenant "t1" --name "epg1" --type extension --switchport-mode trunk --single-homed-bfd-session-type auto --po po1 --vrf vrf1 --ctag-range 19 --l3-vni 5001 --anycast-ip 19:3.33.3.3/24 --bridge-domain 19:Auto-BD-2 --ctag-description "19:Tenant L3 Extended BD" --l2-vni 19:2 --ip-mtu 19:1600 --ip-icmp-redirect 19:true --ipv6-icmp-redirect 19:true
Error : Input anycast ipv6 address configuration is needed for the ctag 19 when the ipv6 icmp redirect configuration is input for the same ctag
efa tenant epg create --tenant "t1" --name "epg1" --type extension --switchport-mode trunk --single-homed-bfd-session-type auto --po po1 --vrf vrf1 --ctag-range 19 --l3-vni 5001 --anycast-ip 19:3.33.3.3/24 --ctag-description "19:Tenant L3 Extended BD" --l2-vni 19:2 --ip-mtu 19:1600 --ip-icmp-redirect 19:true --ipv6-icmp-redirect 19:true --anycast-ipv6 19:500::10/31
Error : ICMP redirect feature is not supported on the device 10.20.246.1 with the platform SLX9740-40C. It is supported on the SLX-9540 and SLX-9640 platforms only.
efa tenant epg create --tenant "t1" --name "epg1" --type extension --switchport-mode trunk --single-homed-bfd-session-type auto --po po1 --vrf vrf1 --ctag-range 19 --l3-vni 5001 --anycast-ip 19:3.33.3.3/24 --ctag-description "19:Tenant L3 Extended BD" --l2-vni 19:2 --ip-mtu 19:1600 --ip-icmp-redirect 19:true --ipv6-icmp-redirect 19:true --anycast-ipv6 19:500::10/31
Device: 10.20.246.1
Network Policy Error: VE configuration failed due to netconf rpc [error] '%Error:IP address is not configured. ',
Error : EndpointGroup Creation failed
efa tenant epg create --tenant "t1" --name "epg1" --type extension --switchport-mode trunk --single-homed-bfd-session-type auto --po po1 --vrf vrf1 --ctag-range 19 --l3-vni 5001 --anycast-ip 19:3.33.3.3/24 --ctag-description "19:Tenant L3 Extended BD" --l2-vni 19:2 --ip-mtu 19:1600 --ip-icmp-redirect 19:true --ipv6-icmp-redirect 19:true --anycast-ipv6 19:500::10/31 --local-ipv6 19,10.20.246.1:700::10/31 --local-ipv6 19,10.20.246.2:700::10/31
EndpointGroup created successfully.
--- Time Elapsed: 26.66300489s ---
efa tenant epg show --detail
===============================================================================================================================================================
Name : epg1
Tenant : t1
Type : extension
State : epg-with-port-group-and-ctag-range
Description :
Ports :
POs : po1
Port Property : SwitchPort Mode : trunk
: Native Vlan Tagging : false
: Single-Homed BFD Session Type : auto
NW Policy : Ctag Range : 19
: VRF : vrf1
: L3Vni : 5001
+------------+-------------+-----------+------------+-------------+
| MAC ACL IN | MAC ACL OUT | IP ACL IN | IP ACL OUT | IPv6 ACL IN |
+------------+-------------+-----------+------------+-------------+
Port Property ACLs
+------+-------------+-------------+
| Port | Dev State | App State |
+------+-------------+-------------+
| po1 | provisioned | cfg-in-sync |
+------+-------------+-------------+
Port Property States
+------+-----------------------+-------+---------+--------------+--------------+----------+--------------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
| Ctag | Ctag | L2Vni | BD Name | Anycast IPv4 | Anycast IPv6 | Suppress | Local IP | Icmp Redirect | IP MTU | IPv6 ND | IPv6 ND | IPv6 ND | Dev State | App State |
| | Description | | | | | ARP/ND | [Device-IP->Local-IP] | IPv4/IPv6 | | MTU | Managed Config | Other Config | | |
+------+-----------------------+-------+---------+--------------+--------------+----------+--------------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
| 19 | Tenant L3 Extended BD | 2 | | 3.33.3.3/24 | 500::10/31 | T/T | 10.20.246.1->700::10/31 | T/T | 1600 | | false | false | provisioned | cfg-in-sync |
| | | | | | | | 10.20.246.2->700::10/31 | | | | | | | |
+------+-----------------------+-------+---------+--------------+--------------+----------+--------------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
Network Property [Flags : * - Native Vlan]
+------+----------------+--------------+----------------+--------------------+-------------+
| Ctag | IPv6 ND Prefix | No Advertise | Valid Lifetime | Preferred Lifetime | Config Type |
+------+----------------+--------------+----------------+--------------------+-------------+
IPv6 ND Prefix Flags
+------+------------+-------------+-----------+------------+-------------+
| Ctag | MAC ACL IN | MAC ACL OUT | IP ACL IN | IP ACL OUT | IPv6 ACL IN |
+------+------------+-------------+-----------+------------+-------------+
Network Property ACLs
+------+-------------------------------+--------------------------------------------------------------+---------------------------------------------+-------------------------------------------+
| Ctag | AddressIP | AddressIPv6 : Device-IP->[{Address-IPv6,Vrf}] OR | GatewayIP : | GatewayIPv6 : |
| | Device-IP->[{Address-IP,Vrf}] | Device-IP->[{Address-IPv6,Vrf,InfType,InfName}] | Device-IP->{Gateway-IP,InfType,InfName} OR | Device-IP->{InfType,InfName,Gateway-IPv6} |
| | | | Device-IP->{InfType,InfName} | |
+------+-------------------------------+--------------------------------------------------------------+---------------------------------------------+-------------------------------------------+
DHCP Relay Ips
For 'unstable' entities, run 'efa tenant po/vrf show' for details
===============================================================================================================================================================
--- Time Elapsed: 146.093823ms ---
abc@abc-virtual-machine:~/GoDCApp/GoCommon/bin$
On
SLX1:show runn int ve
interface Ve 19
vrf forwarding vrf1
ip anycast-address 3.33.3.3/24
ip mtu 1600
ip icmp redirect
ipv6 anycast-address 500::10/31
ipv6 address 700::10/31
ipv6 icmpv6 redirect
no shutdown
!
interface Ve 8192
vrf forwarding vrf1
ipv6 address use-link-local-only
no shutdown
!
|
On
SLX2:show runn int ve
interface Ve 19
vrf forwarding vrf1
ip anycast-address 3.33.3.3/24
ip mtu 1600
ip icmp redirect
ipv6 anycast-address 500::10/31
ipv6 address 700::10/31
ipv6 icmpv6 redirect
no shutdown
!
interface Ve 8192
vrf forwarding vrf1
ipv6 address use-link-local-only
no shutdown
!
|
========================== EPG UPDATE - VRF DELETE==================================
efa tenant epg update --tenant "t1" --name "epg1" --operation vrf-delete --vrf vrf1
EndpointGroup updated successfully.
--- Time Elapsed: 11.522121773s ---
efa tenant epg show --detail
===============================================================================================================================================================
Name : epg1
Tenant : t1
Type : extension
State : epg-with-port-group-and-ctag-range
Description :
Ports :
POs : po1
Port Property : SwitchPort Mode : trunk
: Native Vlan Tagging : false
: Single-Homed BFD Session Type : auto
NW Policy : Ctag Range : 19
+------------+-------------+-----------+------------+-------------+
| MAC ACL IN | MAC ACL OUT | IP ACL IN | IP ACL OUT | IPv6 ACL IN |
+------------+-------------+-----------+------------+-------------+
Port Property ACLs
+------+-------------+-------------+
| Port | Dev State | App State |
+------+-------------+-------------+
| po1 | provisioned | cfg-in-sync |
+------+-------------+-------------+
Port Property States
+------+-------------------------+-------+---------+--------------+--------------+----------+-----------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
| Ctag | Ctag | L2Vni | BD Name | Anycast IPv4 | Anycast IPv6 | Suppress | Local IP | Icmp Redirect | IP MTU | IPv6 ND | IPv6 ND | IPv6 ND | Dev State | App State |
| | Description | | | | | ARP/ND | [Device-IP->Local-IP] | IPv4/IPv6 | | MTU | Managed Config | Other Config | | |
+------+-------------------------+-------+---------+--------------+--------------+----------+-----------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
| 19 | Tenant L2 Extended VLAN | 2 | | | | F/F | | T/T | | | false | false | provisioned | cfg-in-sync |
+------+-------------------------+-------+---------+--------------+--------------+----------+-----------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
Network Property [Flags : * - Native Vlan]
+------+----------------+--------------+----------------+--------------------+-------------+
| Ctag | IPv6 ND Prefix | No Advertise | Valid Lifetime | Preferred Lifetime | Config Type |
+------+----------------+--------------+----------------+--------------------+-------------+
IPv6 ND Prefix Flags
+------+------------+-------------+-----------+------------+-------------+
| Ctag | MAC ACL IN | MAC ACL OUT | IP ACL IN | IP ACL OUT | IPv6 ACL IN |
+------+------------+-------------+-----------+------------+-------------+
Network Property ACLs
+------+-------------------------------+--------------------------------------------------------------+---------------------------------------------+-------------------------------------------+
| Ctag | AddressIP | AddressIPv6 : Device-IP->[{Address-IPv6,Vrf}] OR | GatewayIP : | GatewayIPv6 : |
| | Device-IP->[{Address-IP,Vrf}] | Device-IP->[{Address-IPv6,Vrf,InfType,InfName}] | Device-IP->{Gateway-IP,InfType,InfName} OR | Device-IP->{InfType,InfName,Gateway-IPv6} |
| | | | Device-IP->{InfType,InfName} | |
+------+-------------------------------+--------------------------------------------------------------+---------------------------------------------+-------------------------------------------+
DHCP Relay Ips
For 'unstable' entities, run 'efa tenant po/vrf show' for details
===============================================================================================================================================================
--- Time Elapsed: 125.742303ms ---
On
SLX1:how runn int ve
% No entries found.
|
On
SLX2:show runn int ve
% No entries found.
|
========================== EPG UPDATE - VRF ADD==================================
efa tenant epg update --tenant "t1" --name "epg1" --operation vrf-add --vrf vrf1 --ctag-range 19 --l3-vni 5001 --anycast-ip 19:3.33.3.3/24 --ip-mtu 19:1600 --ip-icmp-redirect 19:true --ipv6-icmp-redirect 19:true --anycast-ipv6 19:500::10/31 --local-ipv6 19,10.20.246.1:700::10/31 --local-ipv6 19,10.20.246.2:700::10/31
EndpointGroup updated successfully.
--- Time Elapsed: 26.989502751s ---
efa tenant epg show --detail
===============================================================================================================================================================
Name : epg1
Tenant : t1
Type : extension
State : epg-with-port-group-and-ctag-range
Description :
Ports :
POs : po1
Port Property : SwitchPort Mode : trunk
: Native Vlan Tagging : false
: Single-Homed BFD Session Type : auto
NW Policy : Ctag Range : 19
: VRF : vrf1
: L3Vni : 5001
+------------+-------------+-----------+------------+-------------+
| MAC ACL IN | MAC ACL OUT | IP ACL IN | IP ACL OUT | IPv6 ACL IN |
+------------+-------------+-----------+------------+-------------+
Port Property ACLs
+------+-------------+-------------+
| Port | Dev State | App State |
+------+-------------+-------------+
| po1 | provisioned | cfg-in-sync |
+------+-------------+-------------+
Port Property States
+------+-------------------------+-------+---------+--------------+--------------+----------+--------------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
| Ctag | Ctag | L2Vni | BD Name | Anycast IPv4 | Anycast IPv6 | Suppress | Local IP | Icmp Redirect | IP MTU | IPv6 ND | IPv6 ND | IPv6 ND | Dev State | App State |
| | Description | | | | | ARP/ND | [Device-IP->Local-IP] | IPv4/IPv6 | | MTU | Managed Config | Other Config | | |
+------+-------------------------+-------+---------+--------------+--------------+----------+--------------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
| 19 | Tenant L3 Extended VLAN | 2 | | 3.33.3.3/24 | 500::10/31 | T/T | 10.20.246.1->700::10/31 | T/T | 1600 | | false | false | provisioned | cfg-in-sync |
| | | | | | | | 10.20.246.2->700::10/31 | | | | | | | |
+------+-------------------------+-------+---------+--------------+--------------+----------+--------------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
Network Property [Flags : * - Native Vlan]
+------+----------------+--------------+----------------+--------------------+-------------+
| Ctag | IPv6 ND Prefix | No Advertise | Valid Lifetime | Preferred Lifetime | Config Type |
+------+----------------+--------------+----------------+--------------------+-------------+
IPv6 ND Prefix Flags
+------+------------+-------------+-----------+------------+-------------+
| Ctag | MAC ACL IN | MAC ACL OUT | IP ACL IN | IP ACL OUT | IPv6 ACL IN |
+------+------------+-------------+-----------+------------+-------------+
Network Property ACLs
+------+-------------------------------+--------------------------------------------------------------+---------------------------------------------+-------------------------------------------+
| Ctag | AddressIP | AddressIPv6 : Device-IP->[{Address-IPv6,Vrf}] OR | GatewayIP : | GatewayIPv6 : |
| | Device-IP->[{Address-IP,Vrf}] | Device-IP->[{Address-IPv6,Vrf,InfType,InfName}] | Device-IP->{Gateway-IP,InfType,InfName} OR | Device-IP->{InfType,InfName,Gateway-IPv6} |
| | | | Device-IP->{InfType,InfName} | |
+------+-------------------------------+--------------------------------------------------------------+---------------------------------------------+-------------------------------------------+
DHCP Relay Ips
For 'unstable' entities, run 'efa tenant po/vrf show' for details
===============================================================================================================================================================
--- Time Elapsed: 113.554904ms ---
On
SLX1:show runn int ve
interface Ve 19
vrf forwarding vrf1
ip anycast-address 3.33.3.3/24
ip mtu 1600
ip icmp redirect
ipv6 anycast-address 500::10/31
ipv6 address 700::10/31
ipv6 icmpv6 redirect
no shutdown
!
interface Ve 8192
vrf forwarding vrf1
ipv6 address use-link-local-only
no shutdown
!
|
On
SLX2:show runn int ve
interface Ve 19
vrf forwarding vrf1
ip anycast-address 3.33.3.3/24
ip mtu 1600
ip icmp redirect
ipv6 anycast-address 500::10/31
ipv6 address 700::10/31
ipv6 icmpv6 redirect
no shutdown
!
interface Ve 8192
vrf forwarding vrf1
ipv6 address use-link-local-only
no shutdown
!
|
========================== EPG UPDATE - CTAG ADD==================================
efa tenant epg update --tenant "t1" --name "epg1" --operation ctag-range-add --ctag-range 20 --anycast-ip 20:4.33.3.3/24 --ctag-description "20:Tenant L3 Extended BD" --l2-vni 20:3 --ip-icmp-redirect 20:true
EndpointGroup updated successfully.
--- Time Elapsed: 19.783074534s ---
efa tenant epg show --detail
===============================================================================================================================================================
Name : epg1
Tenant : t1
Type : extension
State : epg-with-port-group-and-ctag-range
Description :
Ports :
POs : po1
Port Property : SwitchPort Mode : trunk
: Native Vlan Tagging : false
: Single-Homed BFD Session Type : auto
NW Policy : Ctag Range : 19-20
: VRF : vrf1
: L3Vni : 5001
+------------+-------------+-----------+------------+-------------+
| MAC ACL IN | MAC ACL OUT | IP ACL IN | IP ACL OUT | IPv6 ACL IN |
+------------+-------------+-----------+------------+-------------+
Port Property ACLs
+------+-------------+-------------+
| Port | Dev State | App State |
+------+-------------+-------------+
| po1 | provisioned | cfg-in-sync |
+------+-------------+-------------+
Port Property States
+------+-------------------------+-------+---------+--------------+--------------+----------+--------------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
| Ctag | Ctag | L2Vni | BD Name | Anycast IPv4 | Anycast IPv6 | Suppress | Local IP | Icmp Redirect | IP MTU | IPv6 ND | IPv6 ND | IPv6 ND | Dev State | App State |
| | Description | | | | | ARP/ND | [Device-IP->Local-IP] | IPv4/IPv6 | | MTU | Managed Config | Other Config | | |
+------+-------------------------+-------+---------+--------------+--------------+----------+--------------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
| 19 | Tenant L3 Extended VLAN | 2 | | 3.33.3.3/24 | 500::10/31 | T/T | 10.20.246.1->700::10/31 | T/T | 1600 | | false | false | provisioned | cfg-in-sync |
| | | | | | | | 10.20.246.2->700::10/31 | | | | | | | |
+------+-------------------------+-------+---------+--------------+--------------+----------+--------------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
| 20 | Tenant L3 Extended BD | 3 | | 4.33.3.3/24 | | T/F | | T/F | | | false | false | provisioned | cfg-in-sync |
+------+-------------------------+-------+---------+--------------+--------------+----------+--------------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
Network Property [Flags : * - Native Vlan]
+------+----------------+--------------+----------------+--------------------+-------------+
| Ctag | IPv6 ND Prefix | No Advertise | Valid Lifetime | Preferred Lifetime | Config Type |
+------+----------------+--------------+----------------+--------------------+-------------+
IPv6 ND Prefix Flags
+------+------------+-------------+-----------+------------+-------------+
| Ctag | MAC ACL IN | MAC ACL OUT | IP ACL IN | IP ACL OUT | IPv6 ACL IN |
+------+------------+-------------+-----------+------------+-------------+
Network Property ACLs
+------+-------------------------------+--------------------------------------------------------------+---------------------------------------------+-------------------------------------------+
| Ctag | AddressIP | AddressIPv6 : Device-IP->[{Address-IPv6,Vrf}] OR | GatewayIP : | GatewayIPv6 : |
| | Device-IP->[{Address-IP,Vrf}] | Device-IP->[{Address-IPv6,Vrf,InfType,InfName}] | Device-IP->{Gateway-IP,InfType,InfName} OR | Device-IP->{InfType,InfName,Gateway-IPv6} |
| | | | Device-IP->{InfType,InfName} | |
+------+-------------------------------+--------------------------------------------------------------+---------------------------------------------+-------------------------------------------+
DHCP Relay Ips
For 'unstable' entities, run 'efa tenant po/vrf show' for details
===============================================================================================================================================================
--- Time Elapsed: 133.454201ms ---
On
SLX1:show runn int ve
interface Ve 19
vrf forwarding vrf1
ip anycast-address 3.33.3.3/24
ip mtu 1600
ip icmp redirect
ipv6 anycast-address 500::10/31
ipv6 address 700::10/31
ipv6 icmpv6 redirect
no shutdown
!
interface Ve 20
vrf forwarding vrf1
ip anycast-address 4.33.3.3/24
ip icmp redirect
no shutdown
!
interface Ve 8192
vrf forwarding vrf1
ipv6 address use-link-local-only
no shutdown
!
|
On
SLX2:show runn int ve
interface Ve 19
vrf forwarding vrf1
ip anycast-address 3.33.3.3/24
ip mtu 1600
ip icmp redirect
ipv6 anycast-address 500::10/31
ipv6 address 700::10/31
ipv6 icmpv6 redirect
no shutdown
!
interface Ve 20
vrf forwarding vrf1
ip anycast-address 4.33.3.3/24
ip icmp redirect
no shutdown
!
interface Ve 8192
vrf forwarding vrf1
ipv6 address use-link-local-only
no shutdown
!
|
========================== EPG UPDATE - NETWORK PROPERTY UPDATE==================================
efa tenant epg update --tenant "t1" --name "epg1" --operation network-property-update --ip-icmp-redirect 20:false
EndpointGroup updated successfully.
--- Time Elapsed: 10.939994832s ---
efa tenant epg show --detail
===============================================================================================================================================================
Name : epg1
Tenant : t1
Type : extension
State : epg-with-port-group-and-ctag-range
Description :
Ports :
POs : po1
Port Property : SwitchPort Mode : trunk
: Native Vlan Tagging : false
: Single-Homed BFD Session Type : auto
NW Policy : Ctag Range : 19-20
: VRF : vrf1
: L3Vni : 5001
+------------+-------------+-----------+------------+-------------+
| MAC ACL IN | MAC ACL OUT | IP ACL IN | IP ACL OUT | IPv6 ACL IN |
+------------+-------------+-----------+------------+-------------+
Port Property ACLs
+------+-------------+-------------+
| Port | Dev State | App State |
+------+-------------+-------------+
| po1 | provisioned | cfg-in-sync |
+------+-------------+-------------+
Port Property States
+------+-------------------------+-------+---------+--------------+--------------+----------+--------------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
| Ctag | Ctag | L2Vni | BD Name | Anycast IPv4 | Anycast IPv6 | Suppress | Local IP | Icmp Redirect | IP MTU | IPv6 ND | IPv6 ND | IPv6 ND | Dev State | App State |
| | Description | | | | | ARP/ND | [Device-IP->Local-IP] | IPv4/IPv6 | | MTU | Managed Config | Other Config | | |
+------+-------------------------+-------+---------+--------------+--------------+----------+--------------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
| 19 | Tenant L3 Extended VLAN | 2 | | 3.33.3.3/24 | 500::10/31 | T/T | 10.20.246.1->700::10/31 | T/T | 1600 | | false | false | provisioned | cfg-in-sync |
| | | | | | | | 10.20.246.2->700::10/31 | | | | | | | |
+------+-------------------------+-------+---------+--------------+--------------+----------+--------------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
| 20 | Tenant L3 Extended BD | 3 | | 4.33.3.3/24 | | T/F | | F/F | | | false | false | provisioned | cfg-in-sync |
+------+-------------------------+-------+---------+--------------+--------------+----------+--------------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
Network Property [Flags : * - Native Vlan]
+------+----------------+--------------+----------------+--------------------+-------------+
| Ctag | IPv6 ND Prefix | No Advertise | Valid Lifetime | Preferred Lifetime | Config Type |
+------+----------------+--------------+----------------+--------------------+-------------+
IPv6 ND Prefix Flags
+------+------------+-------------+-----------+------------+-------------+
| Ctag | MAC ACL IN | MAC ACL OUT | IP ACL IN | IP ACL OUT | IPv6 ACL IN |
+------+------------+-------------+-----------+------------+-------------+
Network Property ACLs
+------+-------------------------------+--------------------------------------------------------------+---------------------------------------------+-------------------------------------------+
| Ctag | AddressIP | AddressIPv6 : Device-IP->[{Address-IPv6,Vrf}] OR | GatewayIP : | GatewayIPv6 : |
| | Device-IP->[{Address-IP,Vrf}] | Device-IP->[{Address-IPv6,Vrf,InfType,InfName}] | Device-IP->{Gateway-IP,InfType,InfName} OR | Device-IP->{InfType,InfName,Gateway-IPv6} |
| | | | Device-IP->{InfType,InfName} | |
+------+-------------------------------+--------------------------------------------------------------+---------------------------------------------+-------------------------------------------+
DHCP Relay Ips
For 'unstable' entities, run 'efa tenant po/vrf show' for details
===============================================================================================================================================================
--- Time Elapsed: 194.609986ms ---
On
SLX1:show runn int ve
interface Ve 19
vrf forwarding vrf1
ip anycast-address 3.33.3.3/24
ip mtu 1600
ip icmp redirect
ipv6 anycast-address 500::10/31
ipv6 address 700::10/31
ipv6 icmpv6 redirect
no shutdown
!
interface Ve 20
vrf forwarding vrf1
ip anycast-address 4.33.3.3/24
no shutdown
!
interface Ve 8192
vrf forwarding vrf1
ipv6 address use-link-local-only
no shutdown
!
|
On
SLX2:show runn int ve
interface Ve 19
vrf forwarding vrf1
ip anycast-address 3.33.3.3/24
ip mtu 1600
ip icmp redirect
ipv6 anycast-address 500::10/31
ipv6 address 700::10/31
ipv6 icmpv6 redirect
no shutdown
!
interface Ve 20
vrf forwarding vrf1
ip anycast-address 4.33.3.3/24
no shutdown
!
interface Ve 8192
vrf forwarding vrf1
ipv6 address use-link-local-only
no shutdown
!
|
========================== EPG UPDATE - NETWORK PROPERTY ADD==================================
efa tenant epg update --tenant "t1" --name "epg1" --operation network-property-add --ip-icmp-redirect 20:true
EndpointGroup updated successfully.
--- Time Elapsed: 8.91347074s ---
efa tenant epg show --detail
===============================================================================================================================================================
Name : epg1
Tenant : t1
Type : extension
State : epg-with-port-group-and-ctag-range
Description :
Ports :
POs : po1
Port Property : SwitchPort Mode : trunk
: Native Vlan Tagging : false
: Single-Homed BFD Session Type : auto
NW Policy : Ctag Range : 19-20
: VRF : vrf1
: L3Vni : 5001
+------------+-------------+-----------+------------+-------------+
| MAC ACL IN | MAC ACL OUT | IP ACL IN | IP ACL OUT | IPv6 ACL IN |
+------------+-------------+-----------+------------+-------------+
Port Property ACLs
+------+-------------+-------------+
| Port | Dev State | App State |
+------+-------------+-------------+
| po1 | provisioned | cfg-in-sync |
+------+-------------+-------------+
Port Property States
+------+-------------------------+-------+---------+--------------+--------------+----------+--------------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
| Ctag | Ctag | L2Vni | BD Name | Anycast IPv4 | Anycast IPv6 | Suppress | Local IP | Icmp Redirect | IP MTU | IPv6 ND | IPv6 ND | IPv6 ND | Dev State | App State |
| | Description | | | | | ARP/ND | [Device-IP->Local-IP] | IPv4/IPv6 | | MTU | Managed Config | Other Config | | |
+------+-------------------------+-------+---------+--------------+--------------+----------+--------------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
| 19 | Tenant L3 Extended VLAN | 2 | | 3.33.3.3/24 | 500::10/31 | T/T | 10.20.246.1->700::10/31 | T/T | 1600 | | false | false | provisioned | cfg-in-sync |
| | | | | | | | 10.20.246.2->700::10/31 | | | | | | | |
+------+-------------------------+-------+---------+--------------+--------------+----------+--------------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
| 20 | Tenant L3 Extended BD | 3 | | 4.33.3.3/24 | | T/F | | T/F | | | false | false | provisioned | cfg-in-sync |
+------+-------------------------+-------+---------+--------------+--------------+----------+--------------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
Network Property [Flags : * - Native Vlan]
+------+----------------+--------------+----------------+--------------------+-------------+
| Ctag | IPv6 ND Prefix | No Advertise | Valid Lifetime | Preferred Lifetime | Config Type |
+------+----------------+--------------+----------------+--------------------+-------------+
IPv6 ND Prefix Flags
+------+------------+-------------+-----------+------------+-------------+
| Ctag | MAC ACL IN | MAC ACL OUT | IP ACL IN | IP ACL OUT | IPv6 ACL IN |
+------+------------+-------------+-----------+------------+-------------+
Network Property ACLs
+------+-------------------------------+----------------------------------------------------+---------------------------------------------+-------------------------------------------+
| Ctag | AddressIP | AddressIPv6 : Device-IP->[{Address-IPv6,Vrf}] OR | GatewayIP : | GatewayIPv6 : |
| | Device-IP->[{Address-IP,Vrf}] | Device-IP->[{Address-IPv6,Vrf,InfType,InfName}] | Device-IP->{Gateway-IP,InfType,InfName} OR | Device-IP->{InfType,InfName,Gateway-IPv6} |
| | | | Device-IP->{InfType,InfName} | |
+------+-------------------------------+----------------------------------------------------+---------------------------------------------+-------------------------------------------+
DHCP Relay Ips
For 'unstable' entities, run 'efa tenant po/vrf show' for details
===============================================================================================================================================================
--- Time Elapsed: 129.081769ms ---
abc@abc-virtual-machine:~/GoDCApp/GoCommon/bin$
On
SLX1:show runn int ve
interface Ve 19
vrf forwarding vrf1
ip anycast-address 3.33.3.3/24
ip mtu 1600
ip icmp redirect
ipv6 anycast-address 500::10/31
ipv6 address 700::10/31
ipv6 icmpv6 redirect
no shutdown
!
interface Ve 20
vrf forwarding vrf1
ip anycast-address 4.33.3.3/24
ip icmp redirect
no shutdown
!
interface Ve 8192
vrf forwarding vrf1
ipv6 address use-link-local-only
no shutdown
!
|
On
SLX2:show runn int ve
interface Ve 19
vrf forwarding vrf1
ip anycast-address 3.33.3.3/24
ip mtu 1600
ip icmp redirect
ipv6 anycast-address 500::10/31
ipv6 address 700::10/31
ipv6 icmpv6 redirect
no shutdown
!
interface Ve 20
vrf forwarding vrf1
ip anycast-address 4.33.3.3/24
ip icmp redirect
no shutdown
!
interface Ve 8192
vrf forwarding vrf1
ipv6 address use-link-local-only
no shutdown
!
|
========================== EPG UPDATE - NETWORK PROPERTY DELETE==================================
efa tenant epg update --tenant "t1" --name "epg1" --operation network-property-delete --ipv6-icmp-redirect 19:true
EndpointGroup updated successfully.
--- Time Elapsed: 8.086847111s ---
efa tenant epg show --detail
===============================================================================================================================================================
Name : epg1
Tenant : t1
Type : extension
State : epg-with-port-group-and-ctag-range
Description :
Ports :
POs : po1
Port Property : SwitchPort Mode : trunk
: Native Vlan Tagging : false
: Single-Homed BFD Session Type : auto
NW Policy : Ctag Range : 19-20
: VRF : vrf1
: L3Vni : 5001
+------------+-------------+-----------+------------+-------------+
| MAC ACL IN | MAC ACL OUT | IP ACL IN | IP ACL OUT | IPv6 ACL IN |
+------------+-------------+-----------+------------+-------------+
Port Property ACLs
+------+-------------+-------------+
| Port | Dev State | App State |
+------+-------------+-------------+
| po1 | provisioned | cfg-in-sync |
+------+-------------+-------------+
Port Property States
+------+-------------------------+-------+---------+--------------+--------------+----------+--------------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
| Ctag | Ctag | L2Vni | BD Name | Anycast IPv4 | Anycast IPv6 | Suppress | Local IP | Icmp Redirect | IP MTU | IPv6 ND | IPv6 ND | IPv6 ND | Dev State | App State |
| | Description | | | | | ARP/ND | [Device-IP->Local-IP] | IPv4/IPv6 | | MTU | Managed Config | Other Config | | |
+------+-------------------------+-------+---------+--------------+--------------+----------+--------------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
| 19 | Tenant L3 Extended VLAN | 2 | | 3.33.3.3/24 | 500::10/31 | T/T | 10.20.246.1->700::10/31 | T/F | 1600 | | false | false | provisioned | cfg-in-sync |
| | | | | | | | 10.20.246.2->700::10/31 | | | | | | | |
+------+-------------------------+-------+---------+--------------+--------------+----------+--------------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
| 20 | Tenant L3 Extended BD | 3 | | 4.33.3.3/24 | | T/F | | T/F | | | false | false | provisioned | cfg-in-sync |
+------+-------------------------+-------+---------+--------------+--------------+----------+--------------------------+---------------+--------+---------+----------------+--------------+-------------+-------------+
Network Property [Flags : * - Native Vlan]
+------+----------------+--------------+----------------+--------------------+-------------+
| Ctag | IPv6 ND Prefix | No Advertise | Valid Lifetime | Preferred Lifetime | Config Type |
+------+----------------+--------------+----------------+--------------------+-------------+
IPv6 ND Prefix Flags
+------+------------+-------------+-----------+------------+-------------+
| Ctag | MAC ACL IN | MAC ACL OUT | IP ACL IN | IP ACL OUT | IPv6 ACL IN |
+------+------------+-------------+-----------+------------+-------------+
Network Property ACLs
+------+-------------------------------+--------------------------------------------------------+---------------------------------------------+-------------------------------------------+
| Ctag | AddressIP | AddressIPv6 : Device-IP->[{Address-IPv6,Vrf}] OR | GatewayIP : | GatewayIPv6 : |
| | Device-IP->[{Address-IP,Vrf}] | Device-IP->[{Address-IPv6,Vrf,InfType,InfName}] | Device-IP->{Gateway-IP,InfType,InfName} OR | Device-IP->{InfType,InfName,Gateway-IPv6} |
| | | | Device-IP->{InfType,InfName} | |
+------+-------------------------------+--------------------------------------------------------+---------------------------------------------+-------------------------------------------+
DHCP Relay Ips
For 'unstable' entities, run 'efa tenant po/vrf show' for details
===============================================================================================================================================================
--- Time Elapsed: 147.804073ms ---
On
SLX1:show runn int ve
interface Ve 19
vrf forwarding vrf1
ip anycast-address 3.33.3.3/24
ip mtu 1600
ip icmp redirect
ipv6 anycast-address 500::10/31
ipv6 address 700::10/31
no shutdown
!
interface Ve 20
vrf forwarding vrf1
ip anycast-address 4.33.3.3/24
ip icmp redirect
no shutdown
!
interface Ve 8192
vrf forwarding vrf1
ipv6 address use-link-local-only
no shutdown
!
|
On
SLX2:show runn int ve
interface Ve 19
vrf forwarding vrf1
ip anycast-address 3.33.3.3/24
ip mtu 1600
ip icmp redirect
ipv6 anycast-address 500::10/31
ipv6 address 700::10/31
no shutdown
!
interface Ve 20
vrf forwarding vrf1
ip anycast-address 4.33.3.3/24
ip icmp redirect
no shutdown
!
interface Ve 8192
vrf forwarding vrf1
ipv6 address use-link-local-only
no shutdown
!
|
