Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2280
Views
0
Helpful
2
Replies

L2 extension over L3 for DCI

tuanquangnguyen
Level 1
Level 1

‎10-31-2019 07:40 AM

Hi all,

I've stumbled upon a case where there's a need for L2 extension over a L3 link between DC (running ACI) and DRC (legacy Catalyst 6807). The 6807 supports L2TPv3 pseudowire, which I don't think has ever been available on the Nexus switches (ACI or NX-OS). Therefore, I'm looking for an alternative way for this setup, but full blown multi-pod and multi-site is currently far out of the touch for us at this stage.

1. Apparently, it is possible for us to use remote leaves (running ACI) to connect back to the DC ACI fabric through an IPN - our Leaves are all Gen 2 and Spines are 9332C.

2. Also, I could have deployed 2 more NX-OS switches as DCI (one in each site). The link between these are L3 (using routed ports). The DC ACI can extend the EPG to the DC's Nexus DCI, each of these would act as a VTEP and handle the VXLAN bridging over the DCI link. Then the DRC DCI would map that to the VLAN and hand it off to the legacy DRC Core.

3. However, as the planned DCI link is gonna be an L3Out (routed port) on the DC ACI side, is there any way to extend L2 over such L3Out in the future? Could a NX-OS switch perform as a VTEP on the DRC site in this case?

Thanks in advance.

0 Helpful
2 Replies 2

Gaurav Gambhir
Cisco Employee
Cisco Employee

‎11-04-2019 12:04 AM

Apart from what you already mentioned multi-pod, multi-site and remote-leaf. I have seen some configs where customers are using OTV on one NX-OS side and normal EPG on ACI side to extend L2 over legacy routed links.

 

NX-OS as VTEP is only possible with GOLF which is not L2 extension and the connections towards DCI networks are on the spines not on the leafs.

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/2-x/L3_config/b_Cisco_APIC_Layer_3_Configuration_Guide/b_Cisco_APIC_Layer_3_Configuration_Guide_chapter_010010.pdf

 

0 Helpful

tuanquangnguyen
Level 1
Level 1
In response to Gaurav Gambhir

‎11-06-2019 07:31 AM

Hi @Gaurav Gambhir ,

Thanks for your reply.

I thought I saw a Cisco Live slide talking about having NX-OS switches as VTEPs on two ends (DC and DRC) connecting to the Border Leaf at DC and legacy Core at DRC. From such BLeaf, I would have to extend the EPG out to the NX-OS DCI switch, then let it handle the VLAN-VXLAN mapping. At DRC side it's simply a L2 access or trunk from the DCI switch towards the Core.

I don't think it's a really good practice to do such since the manual configuration on the NX-OS side would be such a hassle, it would affect scalability. What's your opinion on that?

0 Helpful
Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License