Buy or Renew
Buy or Renew
Cisco DNA Center is now Catalyst Center. New name, same great product. Learn more about Catalyst Center here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2367
Views
5
Helpful
4
Replies

Routing between Virtual Networks

Go to solution
scsc_tech
Level 1
Level 1

‎01-10-2019 12:17 PM - edited ‎03-08-2019 05:29 PM

If multiple virtual networks are created in the SD fabric, is routing between them handled by the fusion router, or does it happen at the boarder/cp or edge nodes?

 

Thanks

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Tomas de Leon
Cisco Employee
Cisco Employee

‎01-10-2019 01:28 PM

The routing between Virtual Networks (VNs) is performed on the Shared Services\Fusion Router.  The Route Leaking occurs on that that router\switch.  The Fusion Router is connected to a Fabric Border.

 

SDA - Steps to configure Fusion Router
https://www.cisco.com/c/en/us/support/docs/cloud-systems-management/dna-center/213525-sda-steps-to-configure-fusion-router.html

 

CISCO VALIDATED DESIGN
Software-Defined Access - Design Guide
https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Campus/CVD-Software-Defined-Access-Design-Sol1dot2-2018DEC.pdf

View solution in original post

4 Replies 4

Go to solution
Tomas de Leon
Cisco Employee
Cisco Employee

‎01-10-2019 01:28 PM

The routing between Virtual Networks (VNs) is performed on the Shared Services\Fusion Router.  The Route Leaking occurs on that that router\switch.  The Fusion Router is connected to a Fabric Border.

 

SDA - Steps to configure Fusion Router
https://www.cisco.com/c/en/us/support/docs/cloud-systems-management/dna-center/213525-sda-steps-to-configure-fusion-router.html

 

CISCO VALIDATED DESIGN
Software-Defined Access - Design Guide
https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Campus/CVD-Software-Defined-Access-Design-Sol1dot2-2018DEC.pdf

Go to solution
AndiBuchmann157
Level 1
Level 1
In response to Tomas de Leon

‎01-10-2019 02:00 PM

Hi Thomas,

 

In the Fusion Router Setup PDF there is no vrf which contains the global routes. In the PDF there is only and exportstion / importation between the Univ and Campus VRF and later some injection work with the routemaps.

 

In the Cisco DNAC Deployment CVD there is a Global Routing VRF which gets exported and imported (See Page 52 in Cisco DNAC Deployment CVD).

 

Can you PLEASE explain / evalute what and why the correct way is when we have 2 border nodes connected to 2 fusion Routers (eBGP between Border and Fusion and iBGP between the 2 borders and also between the fusions)?? 

0 Helpful

Go to solution
Tomas de Leon
Cisco Employee
Cisco Employee
In response to AndiBuchmann157

‎01-10-2019 02:42 PM

The links that I sent are only to be used as a reference and that each deployment will be different and we can not cover or predict every Border to Fusion or Transit Router.  Most examples that you will see are for demonstrating the simple route leaking between the Fabric\SDA VRFs.   Access to other networks that are part of the GRT will need to be imported into each VRF.  In addition, Fabric VNs\VRFs may need to be "exported" into the GRT so the external endpoints can reach SDA devices if needed.

 

Yes.  The IP Transit will use EBGP to connect to the Fusion\Transit Router. If you connect the Dual or Multiple Borders, they will use IBGP between the Borders.

 

I hope this helps

0 Helpful

Go to solution
Mike.Cifelli
VIP Alumni
VIP Alumni

‎01-10-2019 07:12 PM

Routing between your VNs in your SDA fabric will occur on your fusion routers.  Your EBN/s will learn default routes via ebgp from your fusion/s.  On your fusions you will advertise and control via route leaking between each VN instance.  This will occur even when you have two users on the same edge node, but in separate VNs.  Obviously each scenario will be different depending on what you are attempting to accomplish.  It may not be a bad idea to utilize mutliple IP pools + SGTs in the same VN, and rely on CTS for security to potentially eliminate the need for fusion crossover.  On the contrary, multiple VNs also provide a legitimate level of security.  

 

I believe Cisco is eventually going to allow EBNs to also act as Fusions in the future.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents