
Watch out for DOCKER hosts

Had an issue with endpoint learning that was perplexing.  I traced the MAC address to a VM that was running DOCKER.

Interestingly enough the IP address that I did the show endpoint for does not exist in the fabric.  I masked the IP addresses so they are not the actual IPs but you’ll see the results.

Leaf_105# show endpoint ip 10.299.66.16
Legend:
O - peer-attached    H - vtep         a - locally-aged    S - static
V - vpc-attached     p - peer-aged    L - local           M - span
s - static-arp       B - bounce
+-----------------------------------+---------------+-----------------+--------------+-------------+
VLAN/ Encap MAC Address MAC Info/ Interface
Domain VLAN IP Address IP Info
+-----------------------------------+---------------+-----------------+--------------+-------------+
105 vlan-1615 0050.56bf.30d7 LV po7
common:CM_Primary_PN vlan-1615 10.299.38.20 LV po7
common:CM_Primary_PN vlan-1615 172.299.221.37 LV po7
common:CM_Primary_PN vlan-1615 172.299.221.38 LV po7
common:CM_Primary_PN vlan-1615 172.299.49.19 LV po7
common:CM_Primary_PN vlan-1615 10.300.112.19 LV po7
common:CM_Primary_PN vlan-1615 10.300.88.40 LV po7
common:CM_Primary_PN vlan-1615 10.300.88.33 LV po7
common:CM_Primary_PN vlan-1615 10.299.38.24 LV po7
common:CM_Primary_PN vlan-1615 10.299.66.110 LV po7
common:CM_Primary_PN vlan-1615 172.299.213.70 LV po7
common:CM_Primary_PN vlan-1615 172.299.223.71 LV po7
common:CM_Primary_PN vlan-1615 172.299.213.96 LV po7
common:CM_Primary_PN vlan-1615 10.300.156.71 LV po7
common:CM_Primary_PN vlan-1615 10.300.88.20 LV po7
common:CM_Primary_PN vlan-1615 10.300.88.35 LV po7
common:CM_Primary_PN vlan-1615 172.299.222.116 LV po7
common:CM_Primary_PN vlan-1615 10.400.120.116 LV po7
common:CM_Primary_PN vlan-1615 10.300.112.32 LV po7
common:CM_Primary_PN vlan-1615 10.400.120.42 LV po7
common:CM_Primary_PN vlan-1615 10.300.9.163.106

<80 more lines of the same stuff>

The solution was to check the “enforce subnet check for IP learning” check box in the bridge domain L3 configuration tab.

[Screenshot: BD-Setting]

You can read up on DOCKER fun-ness at https://docs.docker.com/v1.6/articles/networking/

This does not occur in “traditional” networks; in the fabric, endpoint learning is now done in hardware, and it learns IPs in many different ways.
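An added example, not part of the original post: a Python audit that parses `show endpoint` output in the layout shown above, groups the learned IPs under each MAC, and reports the ones that fall outside the bridge domain's subnets, which is what the subnet check stops the leaf from learning. The sample rows, the addresses, the 10.20.38.0/24 subnet and the function names are constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample in the layout of the output above; every address is made up.
SAMPLE = """\
105 vlan-1615 0050.56bf.30d7 LV po7
common:CM_Primary_PN vlan-1615 10.20.38.20 LV po7
common:CM_Primary_PN vlan-1615 172.17.0.1 LV po7
common:CM_Primary_PN vlan-1615 172.18.0.1 LV po7
106 vlan-1615 0050.56bf.41aa LV po8
common:CM_Primary_PN vlan-1615 10.20.38.31 LV po8
"""

MAC_RE = re.compile(r"^[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4}$", re.I)

def parse_endpoints(text):
    """Return {mac: [ip, ...]}; IP rows belong to the MAC row above them."""
    endpoints, mac = defaultdict(list), None
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3:
            continue  # table borders and blank lines
        if MAC_RE.match(fields[2]):
            mac = fields[2].lower()
            endpoints[mac]  # register the MAC even if no IP row follows
            continue
        try:
            ip = ipaddress.ip_address(fields[2])
        except ValueError:
            continue  # legend, column headers, truncated or masked rows
        if mac is not None:
            endpoints[mac].append(ip)
    return dict(endpoints)

def off_subnet(endpoints, bd_subnets):
    """Return {mac: [ip, ...]} for learned IPs outside every BD subnet."""
    nets = [ipaddress.ip_network(s) for s in bd_subnets]
    report = {}
    for mac, ips in endpoints.items():
        strays = [str(ip) for ip in ips if not any(ip in n for n in nets)]
        if strays:
            report[mac] = strays
    return report

if __name__ == "__main__":
    # 10.20.38.0/24 stands in for the bridge domain's configured subnet (assumption).
    for mac, ips in off_subnet(parse_endpoints(SAMPLE), ["10.20.38.0/24"]).items():
        print(f"{mac}: {len(ips)} off-subnet IPs: {', '.join(ips)}")
```

Rows whose third column is not a valid address, such as the masked IPs in the output above, are skipped, so run it against unmasked output.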
