cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Community
143
Views
5
Helpful
3
Replies
Highlighted
Beginner

Multipod route preference

Hi,

 

I have 2 pods, with 1 L3out, with interfaces profiles connecting to a firewall in each pod (for external access), topology like this:

 

===Cloud provider===

 |              |        (bgp)

fw1            fw2

 |              |        (ospf, single l3out, 2 interface profiles)

pod1           pod2

 

Suppose the route received from the cloud is eg. 10.10.10.0/24, and is received by both firewalls.

I then wish to redistribute the route into OSPF from both firewalls, using different metrics, such that fw1 would be the preferred exit point for the entire fabric. e.g. i could redistribute as E1 from fw1 and E2 from fw2, or manipulate the costs. I would like nodes in pod1 AND pod2 to use fw1 as the exit, with fw2 as a backup.

 

As the OSPF routes are again redistributed within the fabric into MP-BGP, will my OSPF metrics be lost? Will nodes in pod2 still prefer the route received from fw2? If so, is there a way to easily override this?

 

If this is not possible using OSPF then is it possible using BGP? My preference is to use OSPF.

 

TIA for answers.

3 REPLIES
Cisco Employee

Re: Multipod route preference

For dynamic protocols this can be done with an interleak policy. If the route 10.10.10.0/24 is coming from both L3 outs then you can create an interleak policy on the L3 out, with a route profile that has a match statement permitting the10.10.10.0/24 prefix and a set statement with the local preference higher on the L3 out you want to prefer.

 

Hope this helps,

 

Michael G.

Beginner

Re: Multipod route preference

Thanks for your answer Michael.

I am using only a single L3out.

 

I think if i had 2 L3outs, then i would have to add the same route (10.10.10/24) to both L3out EPGs.

When i've attempted this in the past, ACI raises a fault regarding the overlap.

 

Cisco Employee

Re: Multipod route preference

Yeah not sure if this can be done then. You may be able to accomplish with PBR on the external devices. I think the easier solution though is to split this into 2 L3 outs (each pod) and use the interleak policy. Regarding the overlapping. Just use 0.0.0.0/0 - External Subnets for External EPG on one of the L3 outs then it shouldn't give you that error.

CreatePlease to create content