Buy or Renew
Buy or Renew
Cisco DNA Center is now Catalyst Center. New name, same great product. Learn more about Catalyst Center here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1061
Views
5
Helpful
1
Replies

SDA Transit per VN Settings

Go to solution
JL421-Retired
Level 1
Level 1

‎11-25-2020 02:32 PM

In our environment we have a number of sites with local fusion routers, with a border connected to it. We're currently using IP Transit with the local fusion routers providing a default route to our borders for all current VNs. We are looking at adding a guest VN to our deployment and would like to make that available from one central location to a number of other sites and are looking at using SDA Transit to accomplish this. Ideally, the following traffic would be present through the SDA Transit:

  • All guest VN traffic, including Internet bound
  • Site-to-Site traffic, without Internet for all other VNs

It seems that in DNA-C 1.3.3.8 if you setup SDA Transit on a border, you have the option of selecting "This site provides internet access to other sites through SDA Transit.", but it doesn't limit setting that per VN. I've found some materials that say that as long as other borders already have a default route for their VNs that traffic should egress locally, but others that say that the LISP route will override the local route table if the Internet access option isn't selected. I really don't want to have to enable the Internet access option at every site, as that would appear to cause Internet traffic to round-robin through all sites configured with SDA Transit.

 

So is there a way to limit what the default route availability per VN? Or am I better served by waiting for Multi-site remote border feature in 2.1.2.X?

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jalejand
Cisco Employee
Cisco Employee

‎12-02-2020 12:21 AM

Not supported through DNAC automation yet. There are plans for multiple internet gateway sites but not per VN yet.

This can't be done either by advertising summaries of 0.0.0.0/1 and 128.0.0.0/1 from Fusion to Borders in Guest VRF as the first 0.0.0.0/1 won't be allowed to be imported into LISP.

View solution in original post

1 Reply 1

Go to solution
jalejand
Cisco Employee
Cisco Employee

‎12-02-2020 12:21 AM

Not supported through DNAC automation yet. There are plans for multiple internet gateway sites but not per VN yet.

This can't be done either by advertising summaries of 0.0.0.0/1 and 128.0.0.0/1 from Fusion to Borders in Guest VRF as the first 0.0.0.0/1 won't be allowed to be imported into LISP.

Customers Also Viewed These Support Documents