Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1634
Views
10
Helpful
2
Replies

Multipod VLAN Overlap

Go to solution
Rajagopal Sivaramakrishnan
Level 1
Level 1

‎03-10-2021 05:28 AM

Hi All

 

I saw a few posts on VLAN overlap.. My scenario is a little different.

 

I have VLAN 10 - 10.10.10.0/24 in DC1, and the same VLAN 10 - 20.20.20.0/24 (different IP Range), and extended over multipod. 

 

To begin with the SVI's still stay in Nexus, but the local EPGs doesnt work. I was reading about Per port EPG's . Is that the only option in this case?

 

Also, when the SVI's flip over to ACI, can we just do a secondary IP address on the BD, and use both VLANs with the same EPG ID?

 

Regards

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Robert Burns
Cisco Employee
Cisco Employee
In response to balaji.bandi

‎03-10-2021 07:07 AM

EPGs are not restricted to any IP subnets.  You can have multiple subnets using the same EPG.  Where the Per Port VLAN comes into play is when you're trying deploy multiple EPGs with the same VLAN encapsulation on the same switch.  If that's not your case, then it shouldn't apply.  What you should note is that your BD becomes your flooding domain, so expect that traffic from both subnets would be flooding into VLAN 10 on from both pods.   

Is your end goal to allow Endpoints from both subnets to be treated the same (communicate freely etc)?  This approach of mapping both subnets into the same EPG is going to allow this.   Another option you might want to consider is uSeg (Microsegmentation) and matching on the IP subnet, where you could separate the Endpoints (in ACI) based on their incoming subnets.  The end result would be something like this:
10.10.10.0_EPG
20.20.20.0_EPG

This would then also allow you to restrict external flooding to just the respective EPGs (Flood in Encap).

Robert

View solution in original post

2 Replies 2

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎03-10-2021 06:29 AM 

can we just do a secondary IP address on the BD, and use both VLANs with the same EPG ID?

i was thinking the same way to have secondary IP for the VLAN other subnet.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
Robert Burns
Cisco Employee
Cisco Employee
In response to balaji.bandi

‎03-10-2021 07:07 AM

EPGs are not restricted to any IP subnets.  You can have multiple subnets using the same EPG.  Where the Per Port VLAN comes into play is when you're trying deploy multiple EPGs with the same VLAN encapsulation on the same switch.  If that's not your case, then it shouldn't apply.  What you should note is that your BD becomes your flooding domain, so expect that traffic from both subnets would be flooding into VLAN 10 on from both pods.   

Is your end goal to allow Endpoints from both subnets to be treated the same (communicate freely etc)?  This approach of mapping both subnets into the same EPG is going to allow this.   Another option you might want to consider is uSeg (Microsegmentation) and matching on the IP subnet, where you could separate the Endpoints (in ACI) based on their incoming subnets.  The end result would be something like this:
10.10.10.0_EPG
20.20.20.0_EPG

This would then also allow you to restrict external flooding to just the respective EPGs (Flood in Encap).

Robert

Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License