Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
412
Views
0
Helpful
2
Replies

Cisco ACI Multipod Service graph PBR (East-West Segmentation)

yaseenhasan
Level 1
Level 1

‎07-09-2024 12:08 AM - edited ‎07-09-2024 12:15 AM

Hello @Robert Burns / All

I'm implementing service graph in PBR mode in a multipod, each pod has an active/standby pair of Firewalls. The fabric consists of one tenant/ one vrf and several bridge domains / EPGs (Network centric) that are spread across both pods. The end goal is to segment traffic between EPGs. I am leaning towards applying contract on the VZ-Any level and the contract references a service graph. 

My question here is - When Devices are configured under L4-L7Services, would I configure a device for each pod or just configure one device and include firewalls from both pods under one device?

Regards

YH

Labels:
0 Helpful
2 Replies 2

Ibrahim Jamil
Level 6
Level 6

‎07-17-2024 07:35 AM

Hi Mr Robert Burns , Hi All

Greeting

I m doing almost the same project but for North-south traffic ,  FTD Cluster will be stretched across PODs + LB F5 , i m struggling finding DOCs mentioned such setup

 

can u pls give us Gotchas to go further

 

thanks

 

Ibrahim

ME Region / Dead Sea

 

0 Helpful

AshSe
Level 1
Level 1

‎07-31-2024 04:08 AM

Hi @yaseenhasan , below is my understanding based on details shared by you. Please check and validate/correct:

MoD Physical Connectivity:

Screenshot 2024-07-31 at 3.38.56 PM.png

 

 

 

 

 

Logical Connectivity:

Screenshot 2024-07-31 at 4.37.04 PM.png

I am sorry to say that I am not able to understand your question. Could you please elaborate your question.

0 Helpful
Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License