cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Choose one of the topics below for Cisco DNA Center Resources to help you on your journey with Cisco DNA Center

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC!
We will not comment or assist with your TAC case in these forums.

3122
Views
5
Helpful
7
Replies

Underlay/overlay conception in DNA

Hello, all!

I have read a lot of documentation about DNA but still have some questions.

1) What is the purpose of using underlay/overlay conception in SD-ACCESS? The only reason i see is to allow any devices not change its IP if they change their location. But may be there are some other reasons?

2) Does anyone know something about Virtual DNA Controller?

 

 

7 REPLIES 7
Beginner

Re: Underlay/overlay conception in DNA

Hello  Evgeniy,

 

1)The overlay is the main idea behind the fabric, once you have built the fabric, having the DNA controller, you don't need to define and configure vlans, trunks, spanning tree, SVIs and routing within the enterprise, which is really cool and reduces the overhead of operating an enterprise network,  also the security part is more simple and more automated, as you can build the policies based on the SGT/Identity, not based on the IP. 
so overall concept of operating a network is different, more simple and more automated.
compared to WLC/AP once AP joins the controller, you don't think much of the capwap traffic flow, you think only of the wireless part, and user traffic going out from the controller,  and so in the fabric, you will think of the end point, and how traffic is going out of the border. 
i hope that helps. 

2)for the virtual DNA center, it  is not officially available as a product, not even for  partners to do PoC or  Labs. 

 

Re: Underlay/overlay conception in DNA

You wrote

1)The overlay is the main idea behind the fabric, once you have built the fabric, having the DNA controller, you don't need to define and configure vlans, trunks, spanning tree, SVIs and routing within the enterprise, which is really cool and reduces the overhead of operating an enterprise network,  also the security part is more simple and more automated, as you can build the policies based on the SGT/Identity, not based on the IP. 

 

These are advantages of overlay network WITH DNA controller. But i am asking about only underlay/overlay.From my point of view, It gives me cool ability for roaming users to move from one part of network to another.

 

Anything else? 

 

 

Re: Underlay/overlay conception in DNA

Hi Mohammad,

i am trying right now to map ad groups / users to scalable groups via ise/dnac. i dont know where and how this mapping can be done. Can you provide some more information how i do assign, for example, my ad group "TestlabUsers" to my ScalabableGroup "TestlabUsersSG"?
Beginner

Re: Underlay/overlay conception in DNA

Please refer to the below mentioned URL:

https://www.cisco.com/c/en/us/solutions/collateral/enterprise-networks/software-defined-access/white-paper-c11-739642.html

 

DNA Center appliance is only available as a physical appliance. 

VM for it is not supported.

Beginner

Re: Underlay/overlay conception in DNA

Highlighted
Beginner

Re: Underlay/overlay conception in DNA

Hi Evgeniy,

 

The reason for an overlay and underlay is to have an abstract level of carrying and segmenting data which runs through the network. With the use of an overlay we are able to keep specific information about the end-host such as source/destination MAC and IP, QoS, SGT and VNI, which is used by our Leafs and Borders to make right forwarding and security decisions. Furthermore, we are removing the need for Spanning-tree within the fabric because all traffic is routed, and we make good use of uplinks as ECMP preferably is part of the underlay.

It's easier to expand the underlay as intermediate devices doesn't have end-host information. They only care about forwarding traffic between VTEP's. 

 

/Anders

Cisco Employee

Re: Underlay/overlay conception in DNA

  1. Please refer the below link.

https://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise-networks/software-defined-access/white-paper-c11-740585.pdf

2.DNA center is only available on the DN1-HW-APL (DNA Center appliance) by Cisco

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards


This widget could not be displayed.