Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
13480
Views
15
Helpful
20
Replies

Shared L3Out in Common?

Go to solution
bcn-jbrooks
Level 1
Level 1

‎08-30-2016 07:47 AM - edited ‎03-01-2019 05:02 AM

Hi all,

I'm very new to ACI, but learning as much as I can.  We are in the midst of building up an ACI fabric mostly for lab use, running the latest v2.0 ACI code.

I'm trying to create a Shared L3Out (to the Internet) that all tenants will share.  I have a firewall connected to my ISPs that is connected to the ACI over a vPC.  I have not been able to find much into about how to do this.  Most documentation guides assume that I want to use a "routed interface" (or sub-interface), not a vPC.

This would be simple to do in a traditional network - a small transit network between the firewall and an SVI on the switch, but I can't figure out how to do this on ACI.

Do I need an EPG in the Common tenant for the "vlan" between fabric and firewall, then another EPG that gets Shared to the tenants?

Does anyone have a link to a good tutorial or something?

My mind is officially blown -- and that's after taking several Cisco training courses on ACI... 

Much appreciated!

J

Labels:
20 Replies 20

Go to solution
Leon
Level 1
Level 1
In response to t.houmaiza

‎10-19-2016 07:46 AM

how did you configure the L3out ? What scopes do you have selected for the L3out ? 

0 Helpful

Go to solution
Jason Williams
Level 1
Level 1
In response to Leon

‎10-19-2016 11:46 AM

Leon

Thanks for using the Cisco ACI Support Community. The original question has been answer correctly. For any other questions regarding ACI, please open a new discussion and someone will assist. 

Thanks

Jason

0 Helpful

Go to solution
Jason Williams
Level 1
Level 1
In response to t.houmaiza

‎10-19-2016 11:45 AM

t.houmaiza

Thanks for using the Cisco ACI Support Community. The original question has been answer correctly. For any other questions regarding ACI, please open a new discussion and someone will assist. 

Thanks

Jason

0 Helpful

Go to solution
jgesualdi
Level 1
Level 1
In response to Tomas de Leon

‎02-02-2018 05:16 AM

I'm building this  shared  l3out configuration in my lab. I'm Including  some of the original post config below.

 

In the tenant Common
- Create a VRF (common-v1)
- Create an External Routed Network (common-l3-ospf)

 

In the Tenant-Black
- Create a VRF (black-v1)
- Create a BD (black-bd1

 

In the tenant White
- Create a VRF (white-v1)
- Create a BD (white-bd1)

 

I'm providing and consuming the contacts as listed in the original post.

I have questions on what the routing tables look like.  First, I do see routes leaked between vrfs. In common-v1 I see white-bd1 and black-bd1 routes. On the external router I also see white and black bd routes. I was expecting that. What I don't see is the external router routes getting advertised into white and black VRF's. I do see them in the common vrf. 

 

What could be wrong?

 

Thanks

0 Helpful

Go to solution
kisankagr
Level 1
Level 1
In response to jgesualdi

‎09-26-2018 02:23 PM

Hi jgesualdi, I'm facing the same issue, did you fix this issue and how? Thanks
0 Helpful

Go to solution
kisankagr
Level 1
Level 1
In response to kisankagr

‎09-26-2018 06:06 PM

Never mind, I found the issue. BGP RR policy was missing from POD policy.

Thanks
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License