10-04-2019 05:03 AM - edited 10-04-2019 05:04 AM
Pretty much what the title says. Is this possible, at least for a given L3Out?
Or is there a better way, maybe? I am configuring a DMZ L3Out. We have independent HA firewall clusters at each DC, so we need traffic to ALWAYS egress via Pod 1 unless the next hop is down. Others have suggested two L3Outs?
Thanks!
10-05-2019 12:02 AM
Hi @KELLEYD
you can set the local preference for BGP routing to external networks. I also assume both L3 connections are active. In this case you should keep care about asymmetric routing. Because with local preference you influence outgoing but not incoming traffic.
To influence incoming traffic you can use the BGP community AS-PATH afaik MED isn't available.
Regards
Udo
@KELLEYD wrote:Pretty much what the title says. Is this possible, at least for a given L3Out?
Or is there a better way, maybe? I am configuring a DMZ L3Out. We have independent HA firewall clusters at each DC, so we need traffic to ALWAYS egress via Pod 1 unless the next hop is down. Others have suggested two L3Outs?
Thanks!
10-05-2019 10:10 AM
I know that I can set local preference, but can I do so per border leaf or per pod? Here's basically what I want:
Pod 1 Border Leaf 101: Local Pref 100
Pod 1 Border Leaf 102: Local Pref 100
Pod 1 Border Leaf 101: Local Pref 70
Pod 1 Border Leaf 102: Local Pref 70
10-05-2019 11:12 PM
You can set the local preference for each L3Out and afaik not for a specific pod or border leaf.
Tenants - <Tenant name> - Networking - L3Outs - <L3Out-Name> - External EPGs - Route map for import and export
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: