L3 Datapath – Deep Dive
L3 Datapath Scenarios
Let’s understand how L3 Forwarding is done. Forwarding flow based on L2 that was already explained earlier.
If the packet coming into leaf is L3 based, the first thing leaf checks is familiarity with destination IP address of EP. If the leaf switch already knows the IP address it forwards the packet to local port (if destination IP is on local leaf) or to remote leaf (if destination IP is not on local leaf).
If leaf doesn‘t know the destination IP address of EP, it will check its routing table to see if it has BD subnet for that destination IP in its routing table.
If BD subnet is present, ingress leaf will forward the packet to Spine Proxy. Spine Proxy will check its COOP database and forward the packet to remote leaf or start with ARP glean (if destination IP is not in COOP database).
If BD subnet is not present in routing table, it searches for any other entry in routing table. If there is a L3Out route the ingress leaf will forward the packet to appropriate border leaf. If there isn‘t any route in the routing table, ingress leaf will drop the packet.
Pervasive GW is configured as "Subnets" under BD .Pervasive GW is a default GW and at the same time represents subnets (IP ranges) which belong to the BD. Pervasive GW is installed as SVI to all leaf switches which have Endpoints for the BD (so that every server can have one-hop away default GW) When multiple Pervasive GWs are configured on the same BD, SVI will have secondary IP Pervasive Routes may be propagated to leaf switches that don't have local EP for that BD.
BD-A/EPG-A only on Leaf-1, BD-B/EPG-B only on Leaf2 and a contract is tied between EPG-A and B. SVI-A is created on Leaf-1, SVI-B is created on Leaf-2 due to the contract
- Route-A is installed on Leaf-2 without SVI-A
- Route-B is installed on Leaf-I without SVI-B