Symptoms:
Unable to ping the Default Gateway from VRF 0 and all BFD Tunnels showing as Down.
If the Edge is prepared as a Transport Node and afterward, the tunnel interface is changed to a different fp-eth interface (on the edge), then the MAC is not updated to reflect the new FP Interface MAC.
In the Below outputs the FP-ETH0 and FP-Eth4 are part of same PG from the Host/VC prespective.
ESG-107> get interface fp-eth0
Interface: fp-eth0
ID: 0
Link status: up
MAC address: 00:50:#:#:#:#
MTU: 1600
PCI: 0000:0b:00:00
ESG-107> get interface fp-eth2
Interface: fp-eth2
ID: 2
Link status: up
MAC address: 00:50:#:#:#:#
MTU: 1600
PCI: 0000:1b:00:00
Now, check the Interface MAC for TEP interface under VRF 0.
ESG-107> vrf 0
ESG-107(vrf)> get interfaces
Logical Router
UUID VRF LR-ID Name Type
736a80e3-23f6-5a2d-####-###### 0 0 TUNNEL
interfaces
interface : 9fd3c667-32db-5921-#####-#########
ifuid : 258
mode : blackhole
interface : e61b08cf-a2ec-5d3e-####-#########
ifuid : 467
name :
mode : lif
IP/Mask : 10.#.#.#/24
MAC : 00:50:#:#:#:#
LS port : 476c5ac7-2fc9-53ae-###-########
urpf-mode : PORT_CHECK
admin : up
op_state : up
MTU : 1600
ESG-107(vrf)> ping 10.#.#.#
PING 10.#.#.# (10.#.#.#): 56 data bytes
64 bytes from 10.#.#.#: icmp_seq=0 ttl=64 time=4.035 ms
64 bytes from 10.#.#.#: icmp_seq=1 ttl=64 time=1.789 ms
Now change the Interface from the FP-eth0 to FP-Eth4 by Editing the ESG TN configuration from NSX-T Manager.
ESG-107(vrf)> get interfaces
Logical Router
UUID VRF LR-ID Name Type
736a80e3-23f6-5a2d-####-######### 0 0 TUNNEL
interfaces
interface : 9fd3c667-32db-5921-####-#########
ifuid : 258
mode : blackhole
interface : e61b08cf-a2ec-5d3e-####-########
ifuid : 472
name :
mode : lif
IP/Mask : 10.#.#.#/24
MAC : 00:50:#:#:#:#
LS port : 476c5ac7-2fc9-53ae-####-########
urpf-mode : PORT_CHECK
admin : up
op_state : up
MTU : 1600
ESG-107(vrf)> ping 10.#.#.#
ESG-107(vrf)>
--- 10.#.#.# ping statistics ---
3 packets transmitted, 0 packets received, 100.0% packet loss
*Root Cause*
MAC is only updated during the TN preparation, changing the pNIC doesn't trigger the MAC update.
The issue will be fixed in NSX-T 2.4.1 release of NSX-T
Workaround:
Change the TEP Pool to different IP Pool, save the configuration.
get interfaces
Logical Router
UUID VRF LR-ID Name Type
736a80e3-23f6-5a2d-####-######## 0 0 TUNNEL
interfaces
interface : 9fd3c667-32db-5921-####-##########
ifuid : 258
mode : blackhole
interface : 25b096d7-801a-544f-#####-##########
ifuid : 498
name :
mode : lif
IP/Mask : 10.#.#.#/24 Since we changed the IP Pool, allocated the new IP and also updated the MAC.
MAC : 00:50:#:#:#:#
LS port : b4d51fa0-c28e-52c0-######-#########
urpf-mode : PORT_CHECK
admin : up
Again edit the ESG TN configuration and revert back to Original TEP Pool.
ESG-107(vrf)> get interfaces
Logical Router
UUID VRF LR-ID Name Type
736a80e3-23f6-5a2d-#####-######### 0 0 TUNNEL
interface : 6be42cc4-10dd-5e7f-####-#########
ifuid : 504
name :
mode : lif
IP/Mask : 10.#.#.#/24
MAC : 00:50:#:#:#:#
LS port : 5f016578-d0dc-5037-####-###########
urpf-mode : PORT_CHECK
admin : up
op_state : up
MTU : 1600
ESG-107(vrf)> ping 10.#.#.#
PING 10.#.#.# (10.#.#.#): 56 data bytes
64 bytes from 10.#.#.#: icmp_seq=0 ttl=64 time=3.438 ms