I have chalenge to migrate an old design (PCI network with a lot of firewalls) to a fabricpath. Also, I need to understand whats the best strategy to take all vlans and send to spine, that today are separate with the fws.
So, everthing that I read until now about fabricpath is to have all DC vlans in the spine. This is a big change for my topology, because ever single vlan is behind a fw with isolated bridge domain (most of the times 2960's or 4500).
The first part of this chalenge is send all this vlans (of course consistently) to a spine (N7K). In this step my question is: Is this a really good idea?
The second part, and for me the big one is: What's the best fit? Border Spine or Border Leaf? To give a little more information to answer, I have a datacenter interconnection and internet.
The things that I can't understand is how can I will work with all vlans to go out the DC, either to DCI or Internet. Because when I have a border leaf I must have to create a routing to in/out, but how? I will have the same vlans that I have in spine to border leaf? OR no, I will have another fabricpath topology with specific vlans inside de border/spine leaf?
I need help to advance/understand in this design.
Thank you everyone!
Solved! Go to Solution.
Thank you for your response Rick1776!
In this first moment, we can´t buy anything new to the infrastructure. This is bad point... BUT, I i want to organize everthing that I could.
I will check the link that you sent to me!
I read the pdf that you sent, and I saw some details that solve part of my design "issues".
The last point that still not solve is how is the best fit of border leaf that I could adopt.
I have at least five kind of border leafs: internet, dci, acquirers, banks and partners.
This five layers is specific for each one, but I know that I could merge acquirers and banks together. My question is: Is smart to still have five layers, or is better to merge all in one, or at least merge some ones. If I choose to keep this layers.
Do you know some doc or live presentation related to border leafs? Some kind of comments about it?
Looking this image I don´t understand something. The red arrows shows how´s traffic flow, but the port-channel between this border leaf and spine could be a trunk? And I use some SVI to route the traffic that I want? Using or not vrf? My thoughts are correct?