Cisco Community
English
Register
See the latest announcements from Cisco Live US 2019
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Webcast- Catalyst 9000
373
Views
0
Helpful
0
Replies
Highlighted
KELLEYD
KELLEYD Beginner
Beginner
‎03-09-2018 04:53 AM
‎03-09-2018 04:53 AM

Best Practices: Point-to-point via the fabric?

Hello. I've picked up a lot from some of you who are ACI Kung Fu Masters and some of you who are very creative and have even more bizarre use cases than I. :) So, I figured I would post here asking for best practice suggestions.

 

We have two data centers, several miles apart.  We have them setup using multipod on 3.0(2k).  The IPN is a a pair of N9Ks (Standalone) at each DC, each with a 10G Metro-E between them.  Along with the IPN VRF, we are also routing our core area 0. This is also where our common L3out terminates. (Core VRF, not IPN VRF). Why does the common L3out terminate here? Read on and, if you are experienced with OSPF, you will probably pick up on why.

 

Our WAN circuits out to our various locations come into yet another pair of standalone N9Ks at each DC so that they can traverse our IPS before hitting our ASR1K at each DC.

 

For "Reasons", some of our DC SVIs remain on our ASR1K routers. They run VRRP across DCs. Currently, this is via the fabric  Each ASR has a port-channel to a leaf pair with the various VLANs trunked. Our data centers are, by policy, hot standby. So the ASR at DC1 is the VRRP master. It works out okay unless the need arises to have any given site use their backup WAN circuit as their primary. This use case has arisen.

 

This is an inherent problem with OSPF, so there is a standard fix.  And let's skip the debate over design. I inherited it. What I need to do is enable OSPF multi area adjacency between the two ASR1Ks. The requirement to do so is to have point-to-point adjacency between the two routers.

 

What I'm thinking is that I could simply use the existing port-channel and create a new SVI on each ASR. Let's call it Po100.666 (the necessary evil). ip ospf 1 area 0. ip ospf network point-to-point. ip ospf 1 multi area 1234. Drop the mic.  Enjoy life as women everywhere want to be with me and men everywhere want to be me.

 

The philosophical question: is that the right way to do this? The ACI fabric is for servers, not transit. But I am already doing this anyway. In theory, it would go away when Po100 goes away anyway.

 

Or will it? It's nice to have that multi area adjacency.

 

So if I don't use the fabric for transport, what do I do? QinQ tunnel through the IPN switches between ASRs? GRE? An EVPN through them? But I already have an EVPN setup with VXLAN encapsulation. So why not use it?

 

I think I have my answer but I wanted your opinions. What would you do?

 

Also, if you were to use the existing port-channel for this purpose, given that only these two endpoints would exist in the new non-routed bridge domain, how would you configure the BD and EPG?

 

 [Edit: ASR1K not 9k.]

Labels:
0 Helpful
Reply
Latest Contents
HSRP over Fabric Path
Created by sang jun park on 06-24-2019 07:33 AM
0
0
0
0
HSRP is not working with Fabric pathHi all. I am testing HSRP with FabricPath by virl I can ping from Access switch to Active router(titanium-nexus), Standby router(titanium-nexus) but both nexus is Active (HSRP), can you guys check fo... view more
Intersight Universal API Calls
Created by Ugo Emekauwa on 06-14-2019 09:57 AM
0
0
0
0
Cisco Intersight Universal API Calls The Cisco Intersight Universal API Calls module provides a set of functions that simplify creation, retrieval, modification, and deletion of resources on Cisco Intersight. Any available API types listed in the Cisco I... view more
Give Your CLUS Agenda a Boost - June 12 Edition
Created by daarteag on 06-12-2019 07:41 AM
0
0
0
0
   Day 2: ✅. Day 3, ready to roll! Want to fine-tune your agenda for today? These sessions still have space: Data Center Networking BRKACI-2403:  Meeting Business Compliance and IT Governance Using Cisco Network Assurance Engine (NAE) BRK... view more
Give Your CLUS Agenda a Boost - June 11 Edition
Created by daarteag on 06-10-2019 05:00 PM
0
0
0
0
  Day 1 is done! If you're thinking about dinner plans, we hear San Diego has great food. While you're waiting for your first shot of tequlia table, keep building your Cisco Live agenda! There are more great sessions still open for tomorrow,&n... view more
Give your CLUS Data Center Agenda a Boost - June 10 Edition
Created by daarteag on 06-09-2019 12:45 PM
0
0
0
0
  We hope you're on your way to join us at CLUS in San Diego! While you're waiting for your flight (or waiting for your flight to land!), keep building your Cisco Live agenda! There are plenty of great sessions still open on June 10. Here are s... view more
CreatePlease to create content
Discussion
Blog
Document
Video