One of the most common options is the deployment of an active-standby service node (FW) pair in different pods: the active firewall node is in Pod1 and the standby node is in Pod2. In this case, all the traffic for communication with the external network (north-south) or between internal endpoints (east-west) must be hair-pinned to the pod in which the active service node is located.
Thanks for reply. In my design i will deploy independent active-standby firewalls pair in each pod, then will integrate using service graph. Because my goal is some traffic will be direct to Firewall in POD 1, but another traffic will be direct to Firewall in POD 2. Do you have idea to achieve that?
Hello,I understand that Contracts in ACI that are enfored by the leafs are stateless ACL. When is an ACI Contract stateful?- as far as I know when using AVS/AVE?- what about when using Kubernetes/Openstack integration with ovs?
*This event has been rescheduled for causes beyond our control, we appreciate your understanding.
[ The link to the discussion will be published on December 7th ]
This event is an opportunity to have your questions answered on tools available for Nexus 30...
I'm having a strange problem redistributing iBGP routes to OSPF on Nexus 9000. Initially I had an open prefix list to get things working. Some of the routes weren't being redistributed to OSPF and I found this article which helped which said you nee...