This document describes the general recommendations or best practices when designing and deploying the Cisco SD-Access technology. The document assumes that the reader has a general overview of Cisco's SD-Access for Distributed Campus architecture, it's components and operation.
Transit Control Plane node is part of your underlay network and primarily only needs to have reachability in the transport network towards Border Nodes (Default and Anywhere) and Cisco DNA Center in the Cisco's SD-Access for Distributed Campus architecture. Transit Control Plane node does not need to install all known routes in the Enterprise Network into the Routing Information Base. It basically can leverage your Default Border Nodes for any connectivity towards Cisco DNAC and DDI resources. It also needs to have underlay connectivity towards your Border Nodes (Default and Anywhere RLOCs) in multiple fabric sites. It is running the control plane protocol to provide reachability to end devices like hosts etc between different fabric sites. It must not be in the data plane forwarding towards Centralized resources like above.
Cisco DNA Center automates the overlay config for Transit Control Plane node and it would also set up eBGP sessions between Border Nodes and Transit Control Plane nodes (Cisco DNA Center picks up private AS 65540). One of the best practice recommendations here is to ensure that there is no misconfiguration done on the Transit Control Plane nodes where network operators could end up configuring the same BGP AS as Border Nodes if there is already a BGP AS configured (due to BGP AS was configured manually) and unfortunately, for example, worst-case scenario, it matched your Fabric Border Nodes AS. Then this would configure IBGP between Transit Control Plane nodes and Fabric Border Nodes. The implication is that this would result in routing issues for Cisco's SD-Access Network.
Please ensure that the underlying transport network is configured correctly so that the above best practices can be taken into consideration when planning to deploy Cisco's SD-Access for Distributed Campus architecture.
Please refer to below parent page and specific Cisco SD-Access for Distributed Campus with SD-Access Transit page for more information.
I just bought myself a 7206VXR for my home lab. This is replacing a typical home router, but I'm curious about the NAT configuration Say the interface that connects to the ISP is x.x.x.xThe interface that connects to the house is 192.x.x.x ...
I'm using version 16.3.7 of the C3650.increase the logging buffer size to 16000 andIf you increase the logging buffer level to informational, the size goes back to 4096.Are there any setting criteria that I do not know?
Hi there, I want to setup send syslog from a router(public ip) to SNMP server(private ip). I've successful setup sending syslog from another router(private ip) to snmp server(private ip). Do I need to do special con...