Lesson 3: Demonstration, Part 2
In Lesson three, Venkata Naveen Chapa continues his demonstration of using ACI Layer 3 external connectivity by checking on the border leaves. He then tests if he can ping the VM and demonstrates what to do if you cannot reach it and are experiencing a problem. The first thing to do is verify if the subnet you have configured is in the routing table, which in this case, it was not. He then tests the reachability of the end point from the border leaf, which he discovers cannot connect. This leads him to look at the routing table and make changes.
From the Bridge Domain, Venkata adds the L3 Out he created and advertises it externally. He then checks the status of the EIGRP and its neighbors by checking the addresses of the border leaves. After he verifies the EIGRP's interfaces and the VLAN's role to point to the correct interfaces, Venkata looks at the BGP process.
First, Venkata looks at the border leaf to see which IPs are being redistributed and to verify that the same redistribution is occurring on the BGP and border leaf processes. Second, Venkata successfully verifies that the routes are correctly installed on the service leaf as well as on the border leaf. MPBGP is configured by Venkata to redistribute the routes and receive the routes from the service leaf. But in order to successfully ping the public IP, Venkata demonstrates that you must first inspect which packet denies you have.
Venkata investigates why the packets are being denied and uses the ACI UI to easily identify at the pcTag information. The L3 Out does not have a contract allowed for it, so Venkata goes into the contract information and adds a contract. As soon as that contract is created, a new zoning rule is created, which Venkata explains further. He then concludes the demonstration part of the L3 configuration by demonstrating that the endpoint inside ACI can now reach the public IP.
Venkata concludes the webinar by walking you through the POSTMAN script and by answering panelist and attendee questions.