cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5257
Views
6
Helpful
9
Replies

SDA fabric-L3 handoff HA

hello,
I have a switch 9500 which will be the border node of SDA fabric also I have two switches 9300 (no stack ) which will be two fusion routers, how I can ensure redundancy for the L3 handoff in my design

 

Cdlt,

1 Accepted Solution

Accepted Solutions

Hi,

 

When you say '2 bgp session with the 2 edge switches' I'm assuming that you mean the 2 fusion switches as per your first post?

 

If so, L3 handoff automation will automate the basic BGP parameters to establish an eBGP peering between the border and each fusion switch for each selected VN. You will need configure the necessary VRFs, SVIs, BGP parameters etc on the fusion switches manually.

 

Path selection between the fabric border and the two fusion switches will be based on standard BGP best path selection process. As far as I know, If you need to manipulate the path selection then you will need to configure any required policies on the borders manually or by using DNAC center templates. Alternatively, you could configure BGP policy on the fusion switches to influence border<->fusion ingress/egress path selection without changing the configuration on the borders themselves.

View solution in original post

9 Replies 9

willwetherman
Spotlight
Spotlight

Hi,

 

Will your 9500 fabric border be deployed in a pair using Stackwise Virtual (which is now supported as of DNAC version 1.3.3.x) or will it be a single device? 

 

The recommended method to provide L3 handoff redundancy will be to connect a link between the border node and each 9300 fusion switch (connecting from a separate physical 9500 switch if using SWV) and then configure eBGP peering between the border and each fusion switch for both the underlay and for each overlay VN that requires external connectivity. Using BGP for both the underlay and overlay keeps everything consistent (Border Handoff Automation uses BGP) plus BGP provides inherent loop prevention (using as-path) and is policy rich if you need to implement any traffic engineering. Depending on your requirements, you may also need to configure iBGP between the fusion switches to provide additional path resiliency.

 

The following Cisco Live slides (that are available from the on-demand library) provide really good examples of the supported border handoff resiliency designs (for both fusion switches and firewalls)

 

BRKCRS-3493 Real World Route/Switch to Cisco SD-Access – see slides 25 to 36

 

I hope that this helps

Thank you willwetherman

hello,

thank you for your replay ,

can you share the BRKCRS-3493 please ?

 

Best regards

 

You can access the slides from the following link. The session presentation is also worth watching.

 

https://www.ciscolive.com/global/on-demand-library.html?search=3493#/session/1571888607137001yDeW

hello,

thank you for your support ,

so if i will 2 bgp session with the 2 edge swicth which attribute will be used by the SDA fabric  to select the path ?

or i must configure manually under the SDA border in CLI

 

Regards

Hi,

 

When you say '2 bgp session with the 2 edge switches' I'm assuming that you mean the 2 fusion switches as per your first post?

 

If so, L3 handoff automation will automate the basic BGP parameters to establish an eBGP peering between the border and each fusion switch for each selected VN. You will need configure the necessary VRFs, SVIs, BGP parameters etc on the fusion switches manually.

 

Path selection between the fabric border and the two fusion switches will be based on standard BGP best path selection process. As far as I know, If you need to manipulate the path selection then you will need to configure any required policies on the borders manually or by using DNAC center templates. Alternatively, you could configure BGP policy on the fusion switches to influence border<->fusion ingress/egress path selection without changing the configuration on the borders themselves.

hello,

thank you for the support

 

best ragards

hello,

 

the two 9500 swith will not be stack , so i must configure l3 hand off for each switch with DNAC ??

 

regards

Yes, if you have 2 x 9500 fabric border nodes then you will need to configure at least one L3 handoff on each node to provide external network connectivity which is standard design. When doing so, DNAC will allocate a unique VLAN/SVI per VN that you handoff per border

Review Cisco Networking for a $25 gift card