Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
993
Views
0
Helpful
0
Replies

VXLAN Multisite BGW External Underlay Connectivity

George-Sl
Level 1
Level 1

‎09-11-2021 10:12 PM - edited ‎09-13-2021 10:38 PM

image.png

I have a difficulty with the site interconnect Underlay portion of the config..

 

image.png

 

image.png

 

BGW 1
interface Ethernet1/53
description TO-SPINE1
ip address 10.0.1.1/30
ip router ospf UNDERLAY area 0.0.0.0
ip pim sparse-mode
evpn multisite fabric-tracking
interface Ethernet1/54
description TO-SPINE2
ip address 10.0.2.1/30
ip router ospf UNDERLAY area 0.0.0.0
ip pim sparse-mode
evpn multisite fabric-tracking



BGW 2
interface Ethernet1/53
description TO-SPINE1
ip address 10.0.1.5/30
ip router ospf UNDERLAY area 0.0.0.0
ip pim sparse-mode
evpn multisite fabric-tracking
interface Ethernet1/54
description TO-SPINE2
ip address 10.0.2.5/30
ip router ospf UNDERLAY area 0.0.0.0
ip pim sparse-mode
evpn multisite fabric-tracking



BGW1
router bgp 65501
router-id 10.10.10.101
address-family ipv4 unicast
redistribute direct route-map REDIST-LOCAL
neighbor 10.111.111.2
remote-as 65599
update-source ethernet1/1
address-family ipv4 unicast
neighbor 10.111.222.2
remote-as 65599
update-source ethernet1/2
address-family ipv4 unicast





BGW2
router bgp 65501
router-id 10.10.10.102
address-family ipv4 unicast
redistribute direct route-map REDIST-LOCAL
neighbor 10.222.111.2
remote-as 65599
update-source ethernet1/1
address-family ipv4 unicast
neighbor 10.222.222.2
remote-as 65599
update-source ethernet1/2
address-family ipv4 unicast



BGW1 Overlay Peering
router bgp 65501
router-id 10.10.10.101
neighbor 10.99.99.201
remote-as 65599
update-source loopback0
ebgp-multihop 5
peer-type fabric-external
address-family l2vpn evpn
send-community
send-community both
rewrite-evpn-rt-asn





In case we don't have a dark fiber in the middle, that DC Core must be the ISP I assume...

ISP AS# in the middle is 65599 and Site-01 AS# is 65501

both sites are BGP peers with the ISP

 

I have two questions

1) since I don't have access to the ISP's end portion of the config, is the ISP connecting those uplinks from one site(or each end) to the other site using MPLS L3 VPN?

2) in a typical architecture do we need to have one set of uplinks(circuit) for sites interlinks(interconnect) and we need another set of uplinks for internet connectivity?, so two sets of dedicated circuit for two different purpose, one for internet and one for interconnect?(like the picture demonstrated below)

I also find it impossible to use a single set of links for two purposes since you can't place the firewall between that BGP peering that's going on between the super spines and the ISP..

L4-L7 service insertion is supposed to happen between two L3VNIs you can't put them anywhere else...image.png

 

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card