Static Routes in Bridge Domains - any experience? (routed loopback)

goranje · ‎09-16-2021

Hello all,

We are migration to ACI from old cisco infrastructure and we have issue how to migrate vlan that has end points and network elements (elements that have loopback IP, that is reachable over interface IP via static route configured on the router).

Basically , if we have speak with ACI language, in same Vlan (subnet) we have Application EPG and L3out with static routing.

(see picture)

One solution seems to be to configure "Static Routes in Bridge Domains".

Do some one has experience with "Static Routes in Bridge Domains"?

Will this configuration fulfill our needs?

Or do some one has some other idea how to achieve needed configuration?

Best regards

Goran

RedNectar · ‎09-16-2021

Hi Goran,

Firstly, is the fact that you have VLAN 10 mentioned twice in the diagram twice intentional or a mistake?

But to answer your question, it is my understanding that this was pretty much the reason why Static Routes on BDs was introduced. So I believe it will solve your problem, but I will admit that I have not personally tested this.

RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.

goranje · ‎09-16-2021

Hi RedNectar,

Thank on you message.

Right Vlan should be VLAN 20, there was a mistake in the diagram . I have change it as it should be.

Best regards,

Goran

Sergiu.Daniluk · ‎09-16-2021

I confirm what Chris already answered - static routes in the BD is what you are looking for, since you have static routes for a /32 prefix (the loopback IP address)

Stay safe,

Sergiu

goranje · ‎09-20-2021

Hi all,

One additional question?

What happens if we have in same subnet hosts and routers with subnet behind them (not only /32 loopback). (see diagram)

Is it support it on ACI?

Any experience with this situation?

Best regards,

Goran

Sergiu.Daniluk · ‎09-20-2021

Its not supported to have non-/32 routes in a EPG.

Since the 10.10.10.15 and 10.10.10.16 are routers, you can configure a new interconnect between them and ACI, and L3out over that specific interconnect.

Cheers,

Sergiu

goranje · ‎09-20-2021

Hi Sergiu,

I agree with you that configuration of L3out is resolution.

But I have dilemma with the IP addresses, can I use the same IP address as on diagram on BD and L3out.

For hosts and /32 loopback I will configure BD with subnet 10.10.10.1, and APP EPG with port static building with needed encapsulation “30” in this case. With configuration of BD on needed leaf this will configure “interface vlan 30”

“interface vlan 30

vrf member tenant TEST

ip address 10.10.10.1/26”

My dilemma is can I create L3out with static routing using same enacp “vlan 30” and same IP address.

As I understood by default if I crate l3out with SVI it will also create vlan interface on the leaf.

If I use same encap 30 and same ip address 10.10.10.1/26 it will create new interface vlan (and have some conflict) on the needed leaf, or will attach already existing vlan interface to the new configured L3out?

Thanks,

Goran