cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1100
Views
0
Helpful
0
Replies

Cisco ACI: Okay to mix dmz and intranet?

NejjiKhan31791
Level 1
Level 1

I've seen a few videos and docs that describe it being done, but was wondering about those who actually use ACI to day to day in their data centers.

We have a fairly mature and stable production ACI system for our intranet server infrastructure, and I was wondering if I could extend this to our DMZ servers. All of the traffic forwarding between DMZ tiers would be handled by firewalls. ACI switch fabric would be doing purely L2 and L2-extension. Zero routing and no contracts. Also, all of the AppProf/EPG/VRF/BD would be contained within a separate tenant in ACI as well.

I would rather not stand up a whole separate fabric for this, and the stretched layer2 would be critical for delivering dmz capability where there's lack of internet infrastructure.

Any thoughts? Safe to do?

 
0 Replies 0

Review Cisco Networking for a $25 gift card