09-26-2022 08:43 AM
We are building an SDA network with two Cisco9500 Border Nodes that are connected by BGP to a fusion firewall cluster (Fortigate). When DNAC configures the L3 border handoff, it uses a /30 subnet between the Border Node and the external device, in my case the Fortigate. There is an L2 trunk between the border nodes, and from each border node there is an L2 trunk towards the Fortigate. So I want to use the same VLAN on both Border Nodes for the connection with the Fortigate.
Does anyone know if you can use a /29 subnet (instead of the /30) for the L3 Border handoff (BGP) communication?
Kind regards,
Pascal
09-26-2022 10:37 AM
L3 Handoff automation will only include /30 subnets for peering configured from the L3 handoff IP Pool. In 2.3.4.x, manual L3 handoff config (done on the UI) will allow custom subnets.
Another way is to manually create the SVIs+BGP peerings with a /29.
09-26-2022 11:23 PM
Thanks for your answer.
We are now running 2.3.3.4. Do you know when 2.3.4.x will be released?
05-08-2023 09:02 AM
So in 2.3.4.x, is /31 also allowed (like in the underlay)? And when we have the option to manually define VLAN Name and ID, can we re-use the same ID (e.g. 3001) in different fabrics (completely different borders, peers, etc.)?