NDFC MultiSite deployment

ashortPresidio · ‎10-02-2024

All,

I have a design I need to try to retro fit ND & NDFC into & I am am having a problem trying to confirm the design on paper & in early deployment.

[Greenfield] ND cluster has been deployed as recommend, as a centralized, single-site deployment. We have enable NDFC service & on boarded our first fabric in the DC. The issue we have is looking at how we connect the 2nd fabric which will be in the Campus. We have no existing network in the DC as it is greenfield & no L3 links to the campus. No core switches have been included in the design we have inherited. As the 2nd fabric switches need to accessible from ND Data & Management subnets for a discovery, I am seeing a huge issue in getting the 2nd Fabric onboard without an existing L3 link to provide that connectivity.

We will have 2 crosslinks between our BGW/Spines but this won't help the discovery of the switches at this point. Campus switches will sit on a different management switch & subnet. Unless I add some preconfigs to the crosslinks on both BGW/Spines to provide that L3 connectivity & add the required routes, I can't think of anything else to do. Added to the fact that if we on board the new 2nd fabric, we won't be looking at preserving the configs to do a greenfield deployment.

FYI no WAN services are available, no perimeter switches have been deployed either. We will only have the crosslinks to work with at this stage of the deployment.

Any suggestions to my issue will be greatly appreciated. It has been hard to find something to guide us to try to retro fit this with ND from a traditional design.

Regards

High-Level diagram

M02@rt37 · ‎10-02-2024

hello @ashortPresidio

Your best option in the short term is likely to configure the crosslinks as L3 links between the BGW/Spines and set up routing or static routes to allow management traffic between the DC and Campus. This will allow NDFC to onboard the Campus fabric. Once the onboarding is done, you can then adjust the configuration for a greenfield deployment.

Long term, you'll need to revisit the design to ensure proper L3 connectivity is in place, either via core switches, WAN, or OOB management.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

M02@rt37 · ‎10-02-2024

To go further, by configuring these crosslinks as L3 interfaces and setting up routing protocols or static routes, you can enable the necessary management and data connectivity between the fabrics, allowing NDFC to discover and onboard the Campus switches. Preconfiguring basic L3 connectivity on the Campus switches' management interfaces or using an out-of-band management network can also help achieve the same goal. While this approach works in the short term, it’s important to plan for the long-term deployment of proper core switches or WAN connectivity to ensure stable L3 links between the DC and Campus for scalable operations.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

ashortPresidio · ‎10-03-2024

Thanks for the feedback M02@rt37.

We will be looking into a more robust solution but have to work with what we have right now -- customer budget constraints.

We are going to test a solution with both fabrics in the same location, do the discovery locally, get L3 working then shift the campus hw to it final location, patch the crosslinks in & have our fingers & toes crossed it all comes back into NDFC again.

I will provide feedback once we have a working solution for future reference.

M02@rt37 · ‎10-03-2024

You're welcom @ashortPresidio

Testing the discovery with both fabrics in the same location is a smart move, as it will allow you to confirm that the configurations and onboarding work as expected before moving the hardware to its final location. Once L3 connectivity is fully operational, relocating the campus equipment and relying on the crosslinks for connectivity should be smoother.

While this workaround is in place, keeping fingers crossed that the hardware comes back into NDFC without issues post-relocation is a common strategy in constrained scenarios. Ensure that all necessary configurations (e.g., static routes or dynamic routing) are maintained or adjusted during the move. You have out-of-band access to the campus switches or an alternative management path if needed during the transition...

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.