Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1109
Views
5
Helpful
3
Replies

Multipod route preference

jamie-nicol
Level 1
Level 1

‎01-06-2019 06:50 AM - edited ‎03-01-2019 05:44 AM

Hi,

 

I have 2 pods, with 1 L3out, with interfaces profiles connecting to a firewall in each pod (for external access), topology like this:

 

===Cloud provider===

 |              |        (bgp)

fw1            fw2

 |              |        (ospf, single l3out, 2 interface profiles)

pod1           pod2

 

Suppose the route received from the cloud is eg. 10.10.10.0/24, and is received by both firewalls.

I then wish to redistribute the route into OSPF from both firewalls, using different metrics, such that fw1 would be the preferred exit point for the entire fabric. e.g. i could redistribute as E1 from fw1 and E2 from fw2, or manipulate the costs. I would like nodes in pod1 AND pod2 to use fw1 as the exit, with fw2 as a backup.

 

As the OSPF routes are again redistributed within the fabric into MP-BGP, will my OSPF metrics be lost? Will nodes in pod2 still prefer the route received from fw2? If so, is there a way to easily override this?

 

If this is not possible using OSPF then is it possible using BGP? My preference is to use OSPF.

 

TIA for answers.

Labels:
0 Helpful
3 Replies 3

micgarc2
Cisco Employee
Cisco Employee

‎01-08-2019 07:40 PM

For dynamic protocols this can be done with an interleak policy. If the route 10.10.10.0/24 is coming from both L3 outs then you can create an interleak policy on the L3 out, with a route profile that has a match statement permitting the10.10.10.0/24 prefix and a set statement with the local preference higher on the L3 out you want to prefer.

 

Hope this helps,

 

Michael G.

0 Helpful

jamie-nicol
Level 1
Level 1
In response to micgarc2

‎01-09-2019 02:16 AM

Thanks for your answer Michael.

I am using only a single L3out.

 

I think if i had 2 L3outs, then i would have to add the same route (10.10.10/24) to both L3out EPGs.

When i've attempted this in the past, ACI raises a fault regarding the overlap.

 

0 Helpful

micgarc2
Cisco Employee
Cisco Employee
In response to jamie-nicol

‎01-09-2019 06:56 AM

Yeah not sure if this can be done then. You may be able to accomplish with PBR on the external devices. I think the easier solution though is to split this into 2 L3 outs (each pod) and use the interleak policy. Regarding the overlapping. Just use 0.0.0.0/0 - External Subnets for External EPG on one of the L3 outs then it shouldn't give you that error.

Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card

Save 25% on Day-2 Operations Add-On License