
inter EPG MSO

JlassiAhmed0345
Level 1

Hi all, 

I have a question concerning a use case in our prod network.

We need to configure inter-EPG communication between two sites via MSO. In this case I have two options:

- First is to use a stretched VRF between sites and apply a stretched contract on both EPGs to ensure communication.

- Second is to configure the same VRF name locally in each site and apply a stretched contract on both EPGs to ensure communication.

Actually, we need to know if the second option is correct.

 

 


AshSe
VIP

Hello @JlassiAhmed0345, let's take a deep dive into both options.

In your scenario, you are considering two options for enabling inter-communication between Endpoint Groups (EPGs) across two sites using Cisco ACI Multi-Site Orchestrator (MSO). Let's break down both options and evaluate their correctness.

Option 1: Stretched VRF

  1. Description: You stretch a single VRF across both sites and apply a stretched contract on both EPGs to ensure communication.
  2. Pros:
    1. Simplifies routing and policy management since the VRF is consistent across both sites.
    2. Ensures seamless communication between EPGs as they are part of the same VRF.
  3. Cons:
    1. Potentially more complex to manage in terms of fault isolation and segmentation.
    2. Requires careful planning to avoid overlapping IP addresses and ensure consistent policy enforcement.

Option 2: Same VRF Name Locally in Each Site

  1. Description: You configure the same VRF name locally in each site and apply a stretched contract on both EPGs to ensure communication.
  2. Pros:
    1. Easier to manage and isolate faults since VRFs are local to each site.
    2. Simplifies segmentation and policy enforcement within each site.
  3. Cons:
    1. The same VRF name does not imply the same VRF instance. Each site will have its own VRF instance, which means they are not inherently aware of each other.
    2. Requires additional configuration to enable communication between the two VRF instances, such as configuring external connectivity (e.g., L3Out) and route leaking.

Evaluation of Option 2

The second option, where you configure the same VRF name locally in each site, is not inherently correct for ensuring seamless communication between EPGs across sites. This is because having the same VRF name in each site does not automatically link the VRFs; they remain separate instances. To enable communication between these separate VRF instances, you would need to:

  1. Configure External Connectivity: Set up L3Outs in each site to enable routing between the sites.
  2. Route Leaking: Implement route leaking between the VRFs to allow traffic to flow between them.
  3. Contracts: Apply contracts to control the communication between the EPGs across the sites.

Conclusion

While the second option can be made to work, it requires additional configuration and complexity to achieve the desired inter-site communication. The first option, using a stretched VRF, is generally more straightforward and ensures seamless communication between EPGs across sites with less complexity.

Therefore, if your goal is to ensure straightforward and reliable communication between EPGs across sites, the first option (stretched VRF) is typically the recommended approach.

HTP

AshSe

Please rate the post, if it helped you!!!
