
Inter-connecting ACI ON-Prem to Public IaaS Cloud

m1xed0s
Spotlight

I have been reading various Cisco documents about ACI Hybrid Cloud setup (for Azure or AWS). However, I am kind of confused from one doc to another. Below are some confusing points that I hope someone could help clarify.

 

Whether using raw Internet or DX/ER to physically connect between on-prem and cloud (AWS/Azure), is an IPsec tunnel mandatory on top of the Internet transport as well as the DX/ER? Update: answered by the link included in the reply.

 

If an IPsec tunnel is configured/enabled for the ACI Hybrid Cloud inter-site transport setup:

  1. What would be the termination point of the tunnel on the cloud side (the cloud-native VPN gateway or CSRv/CAT8Kv), if using raw Internet?
  2. On the on-prem DC side, can the devices inter-connecting the ACI Spine to ISN also be used as the IPsec termination point for the on-prem DC?
  3. Assuming only MTU 1500 is supported on the transport, what would be the performance impact on the IPsec termination points from packet fragmentation? Update: answered by the link included in the reply.

Thanks!

1 Reply

m1xed0s
Spotlight

The article below (not sure how I missed it in the last round of doc reading...) answers the majority of my questions on inter-site connectivity, but not all.

 

https://www.cisco.com/c/en/us/td/docs/dcn/whitepapers/cisco-cloud-aci-hybrid-multicloud-design-guide.html#IntersiteConnectivity
