cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
124
Views
0
Helpful
2
Replies
Highlighted

(ASK) ACI Service graph PBR Backup Configuration

Hi,

 

I want configure service graph PBR in ACI Multipod, first firewall ASA I deploy in POD-1 and second one I deploy in POD-2.

My goal is all traffic should be redirect to firewall ASA in POD-1 as primary, if this ASA down, traffic will be redirect to second ASA in POD-2.

I already know, how to configure PBR to one device only.

 

Thanks

 

 

2 REPLIES 2
Highlighted
Collaborator

Hi @williammanurung 

One of the most common options is the deployment of an active-standby service node (FW) pair in different pods: the active firewall node is in Pod1 and the standby node is in Pod2. In this case, all the traffic for communication with the external network (north-south) or between internal endpoints (east-west) must be hair-pinned to the pod in which the active service node is located.

 

Reference:  https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-739571.html#Activestandbyfirewallspairstretchedacrosspods

 

Stay safe,

Sergiu

Highlighted

Hi  @msdaniluk 
 
Thanks for reply.
In my design i will deploy independent active-standby firewalls pair in each pod, then will integrate using service graph.
Because my goal is some traffic will be direct to Firewall in POD 1, but another traffic will be direct to Firewall in POD 2.
Do you have idea to achieve that?
 
Thanks.

Content for Community-Ad