cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1427
Views
2
Helpful
5
Replies

Mixing L2 and L3 deployment on a single 1010

Patrick Colbeck
Level 3
Level 3

Hi

Is it possible to mix a 1000v L3 and L2 deployment on a single 1010 appliance, that is have one VSM in L2 mode and another in L3 mode ? I have a customer that has a VMware deployment with a single data centre that includes two differnet security areas that are each side of a L3 firewall.

On the side where the vCentre and 1010 live they would like to deploy in L2 mode but use L3 mode through the firewall for the small number of ESXi hosts that live the other side of the firewall.

On a related question will the 1010 NAM work over L3 to the VEMs over the firewall or does the NAM data VLAN have to be on all the VEMs that you are monitoring ?

Thanks

5 Replies 5

lwatta
Cisco Employee
Cisco Employee

You should be able to mix L2 and L3 and honestly if you wanted to use all L3 that would be fine.

I'm not a NAM expert but when i use it with N1KV and 1010 it's always with L3. I don't think the VEMs can forward traffic to the NAM via L2.

louis

Thanks for the quick answer Louis.

I am thinking of persuading them to go all L3 as it would make for sanity in the managment and configuration of the 1010 in that everything would be the same with less chance of confusion

Needed to know if you could mix though incase they wont buy the keep it consistent argument.

Talked to customer and they are amenable to L3 mode for both cases provided:

  • Cisco have no bias towards L2 mode (ie which is best practice)
  • There is no loss of functionality (including redundancy) in L3 mode.

On the first of these most docs I have seen recommend L2 mode but some of the newer DC design guides seem to recommend L3 mode. What's the current position on which is preffered or is it just a horses for courses question ?

Thanks

lwatta
Cisco Employee
Cisco Employee

All our documentation tends to lean toward L2 over L3. Going forward that will change. Our bias will become more neutral/L3 oriented. L3 tends to be easier to troubleshoot and scales better for some of the newer products VMware and Cisco are introducing that integrate with Nexus 1000V (think VXLAN, vCloud Director). L2 will not be going away and will still be supported.

As far as functionality there is no difference between L2 and L3.

louis

Thanks

Thats just what I/my customer needed to hear, it will put their mind at rest and make for a nice clean design.

Pat

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: