Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7623
Views
5
Helpful
16
Replies

How to route traffic via Firewall in EVPN + VxLAN fabric

Go to solution
satish.txt1
Level 1
Level 1

‎04-07-2020 10:01 AM

This is what i am trying to design new network, this is just on paper nothing finalized and i am sure it has lots of issue like firewall should be on leaf not border leaf etc. so that is why i am here to clear all those doubts. I have following question related Spine-leaf design.

  • If we use anycast gateway in this design in that case leaf would be my edge gateway for all hosts connected to that leaf so how does Host-A will send traffic to Host-B via firewall?
  • Should i disable anycast gateway so each VLAN traffic route via firewall (my firewall is gateway for all VLANs)
  • what do you think about this design or this is not something i should be using?

temp_s_l (2).png

0 Helpful
16 Replies 16

Go to solution
anshujai
Level 1
Level 1
In response to Francesco Molino

‎01-05-2022 01:37 AM

@Francesco Molino _ thanks for the wonderful explanation. So in Option 3 the VLAN gateways will sit on firewall and there will be L3 routing bw Spine & Firewall so that any inter-vlan comms will happen on the Firewall (as FW is supposed to be hosting gateways of all the VLANs)?

0 Helpful

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni
In response to anshujai

‎01-11-2022 08:40 PM

It represents how to handle an asa in a vxlan fabric for inter-vrf routing for example. 


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
Customers Also Viewed These Support Documents