ACI MPOD with host route advertisement

tuanquangnguyen
Beginner

Hi folks,

With host route advertisement capability in BD (along with dynamic routing L3Out), we can control which pod traffic ingresses.

What if I have two pods in two locations that also interconnect outside the fabric via Leafs (L3Out-Pod1 and L3Out-Pod2)? These L3Outs also connect to different zones in each location (non-ACI) via respective firewall pairs. Imagine a topology where ACI also acts as the Core network. The outer zones are not interconnected with each other (except for the links coming towards the ACI L3Outs mentioned above).

  1. Can Pod 2 Border Leaf learn host route from Pod 1 Border Leaf, and vice versa?
  2. How does forwarding take place when traffic, say, ingresses Pod 1, but the endpoint is in Pod 2, when the respective BD/EPG is spanned in both pods? Does it forward via endpoint learning and IPN, or via host route learned on L3Out-Pod1 and ingress again in L3Out-Pod2?

For point 2, my speculation is that traffic would stay within the fabric (mapped to EPG, then get IRB'ed and traverse the IPN to reach the endpoint in Pod 2). But then, if that is the case, return traffic would egress the local L3Out-Pod2, which may incur asymmetric routing.

A picture speaks a thousand words

draft.jpg

Accepted Solutions

ADP-89
Beginner

Hello,

Trying to answer inline:

@tuanquangnguyen wrote:

Can Pod 2 Border Leaf learn host route from Pod 1 Border Leaf, and vice versa?

<ADP> It won't happen. There is a mechanism in action that will prevent routes originated from ACI from being learned back on a different L3OUT. ACI tags the OSPF/EIGRP routes with an ID based on the VRF. If it receives a route with that tag, it will drop it. You can read more on this in the L3OUT White Paper - VRF tag and Transit Routing.

How does forwarding take place when traffic, say, ingresses Pod 1, but the endpoint is in Pod 2, when the respective BD/EPG is spanned in both pods? Does it forward via endpoint learning and IPN, or via host route learned on L3Out-Pod1 and ingress again in L3Out-Pod2?

<ADP> Based on the above answer, POD2 will only know reachability of POD1 EPs via COOP. So all traffic will remain inside the fabric/IPN (vrf MPOD).

Hope that helps,

ADP
