I have an issue at the moment with a pair of Fabric Border 9500’s. The Fabric Borders are separate nodes (and are also Control Nodes for the network) and DNA has configured these with the same loopback addresses for the VN’s we have created. I have connectivity issues with edge clients in any VN which stems from having both Border/Control nodes active on the network at the same time. If I turn off Border 2 everything works fine.
My question is around the border to border connectivity. I currently have a L3 point to point BGP interface between the two borders, is this correct? Or should this link carry the VRF's?
I have found the following doc, which is good but doesn't detail the interconnectivity for this L3 link:
Thanks to a couple of guys on WeBex teams and a few Cisco guys I have worked out the configuration required. There is also a possiblity I was hitting an ISIS bug : https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm29593/?reffering_site=dumpcr
Running BGP and ISIS across the trunk link between the Border routers with the trunk link carrying the VRF's. Have also performed the recommendations regarding the above bug and everything is now working well.
Just for info, running the following software:
DNA - 1.2.6
ISE - 2.3 (patch 5)
9500's - 16.8.1a (required for Virtual Stacking)
9300's - 16.6.4a
WLC 5520's - 220.127.116.11
All 3 DNA servers came with 1.1 software. 2 * DNA servers flashed from USB with 1.2.4 and then upgraded to 1.2.6 (**** use Etcher to build the bootable ISO ****), the other server upgraded from 1.1 to 1.2 via the DNA GUI. All servers working fine in a non clustered mode (waiting for the update from Cisco to allow for clustering on a production environment).
I’m using Stackwise Virtual on the Fusion Routers but these are outside the Fabric. Not sure whether Stackwise Virtual is a recommended and validated design within the Fabric (say for the Border / Control switches).
Have had a discussion with Cisco today whether to upgrade to 16.9.2 as the version I am running 16.8.1a is meant to be a short lived release. Smart Account functionality with 16.9.2 which will mean further discussion with the customer though😄
Hopefully we might get a comment from a Cisco representative to confirm either way.
Plz go through the following link: