cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
566
Views
0
Helpful
2
Replies
udo.konstantin
Beginner

Layer 2 Connectivity between different Tenants

Hi all, 

 

for a given ACI Design with more than one tenant we have the requirement to extend one L2 Domain to another Tenant because of smooth migrating different systems. We would like to move from network centric to application centric and because of this we create new two tenants where the first applications should be moved. 

I know how to leak different routes between Tenants but I'm not sure how or if it works to extend a L2 domain. 

 

Thanks 

Udo 

2 REPLIES 2
rocky1
Beginner

may be you will extend L2 domain from one Tenant through your L3 router with the help of VPLS and coming back to ACI fabric and will land up in different Tenant.
Claudia de Luna
Rising star

Hey @udo.konstantin,

 

I've been contemplating this scenario since your first posting and the only thing I can come up with is to treat the "current" ACI fabric just like an old Nexus environment and use some classical ethernet equipment to bounce the layer 2 back into the new tenant.    We obviously can't connect the ACI fabric to itself without trigger MCP.  I can't see how to do it within the fabric since we violate the MIT relationships (EPG -> ANP -> Tenant).

 

So now you start with your gateway for vlan 100 in Tenant 1 and advertised via the Tenant1 L3 Out (step 1).  You extend the L2 via static path, bouncing it off classical ethernet switches until you reach the tipping point on the gateway at which point you move the gateway into Tenant A, enable unicast routing on the Tenant A Vlan100 (or whatever it is now) BD and disable it on Tenant 1 Vlan100 BD or shut it down altogether if there is nothing left (step 2).

I suspect you have already thought this one through and were hoping for a cleaner way but I truly can't think of one! :D

 

aci-migration-udo-2020-02-21_06-02-13.jpg