Explorer

9200 switch Virtual Network

Dears,

 

I have a question here: what is the limitation of 1 no. of virtual networks in 9200L series switches?

 

Thanks

omz Rising star

Re: 9200 switch Virtual Network

Contributor

Re: 9200 switch Virtual Network

Can you elaborate on your question?

-Rate helpful posts-
Beginner

Re: 9200 switch Virtual Network

Hi,

 

The 9200L switch is a basic piece of equipment intended to replace the 2960 for a branch office.
The 9200 model allows up to 4 VNs, but the cost of the uplink makes you almost have to put a 9300 as an access switch to be able to implement SD-Access without restrictions.
Be aware that with Wi-Fi controllers with 9200!

contollers.png

9200.png

Cisco Employee

Re: 9200 switch Virtual Network

Total VNs or virtual networks will be one in the case of the 9200 switch. This information is pulled from the Cisco datasheet.

Explorer

Re: 9200 switch Virtual Network

The virtual networks are the underlay network in DNA Center? Please confirm.

Contributor

Re: 9200 switch Virtual Network

It's actually the overlay. Also, DNA Center is the controller for managing everything, including the overlay network; the overlay can potentially span across multiple sites.

Interworking of SDA revolves around 3 protocols.

At Data plane - VXLAN

At Control plane - LISP

At Policy plane - Cisco TrustSec

This white paper is a good place to start learning more.

https://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise-networks/software-defined-access/white-paper-c11-740585.pdf

 

-Rate helpful posts-
Contributor

Re: 9200 switch Virtual Network

Dears

So this means I cannot have 2 PCs (Corporate PC and Guest PC) on this switch with different Virtual Networks. For example, if I want a guest virtual network and a corporate virtual network to coexist on this switch, it is not possible, because when DNA pushes the virtual networks to the switch it will accept only one instead of two.

Please correct me

Cisco Employee

Re: 9200 switch Virtual Network

You are correct. Maximum one SD-Access Virtual Network (VN) on 9200L. So you can have either CORP VN or GUEST VN, but not both. Please also be advised that the restriction applies to the whole fabric site, not just the switch. If you have an SD-Access site with 40x C9300s and 1x C9200L, then the whole site is limited to one VN. This is because users could roam to anywhere at a site, so it's not possible to have different VNs on fabric edge switches at the same SD-Access site.

Jerome

Explorer

Re: 9200 switch Virtual Network

Dear Jerome,

 

Please also be advised that the restriction applies to the whole fabric site, not just the switch. If you have an SD-Access site with 40x C9300s and 1x C9200L, then the whole site is limited to one VN.

 

Please elaborate more on the above statement.

Or, another way to explain it is as below.

If we have multiple VNs on the network and they are pushed from DNA to every switch, the 9200L switch will not accept more than 1; but if a user who is sitting on the 9300 CORP VN moves to the 9200L, he will not get access because his port cannot be configured on the CORP VN. This is what you wanted to mention.

Cisco Employee

Re: 9200 switch Virtual Network

Hello,

DNA Center will look at the lowest-capability switch in a fabric site and restrict the number of VNs on the entire fabric site to the VN limit of the lowest-capability switch. So, if you have a fabric site with 40x Cat 9300 and 1x Cat 9200L, then the whole fabric site, including the Cat 9300 switches, is limited to one VN.

Jerome

Rising star

Re: 9200 switch Virtual Network

IMO if you are not limited on resources (money) you should run with 9300s if you are in search of a copper based edge node. The limitations alone from a scale perspective with the 9200s are not worth it unless you are running a pretty small shop. Some would say that it depends on the number of VNs you run. Others would probably argue the fact that you could run with 1 VN or up to 4 VNs in your fabric with the 9200 (depending on your uplink model). Something to consider from a design and purchasing type question/s should be how you wish to segregate your environment. What I mean by this is maybe 1 VN is sufficient with a ton of IP pools and separate SGTs, or maybe per requirements you need several segregated routing instances. In scenario 2, routing instances (VNs), you would have more work on your fusions from a leaking perspective. Anyway, I ultimately think that it comes down to your requirements. Good luck & HTH!