Routing over PKL

mohammedrafiq · ‎08-01-2012

Hi,

In Nexus 7K ,it is not recomended to run L3 routing over vPC, rather install separate L3 link between two vPC pairs.Is it recommend to run L3 over keep-alive link insted, if its is a separate physical link?

I know some people might doing it but, is it a valid and accepted solution from Cisco in case of any issue and you have to open up TAC case?

Regards,

ogamanya · ‎08-01-2012

As far as routing over VPc is concerned, I assume you mean to say Peer link? i will try to summarise it as best i can

You can run a dynamic routing protocol forming adjaceny between the 2 7K's over the peer link
You should not have a seperate device (apart from the 2 N7K's) forming an adjacency with the N7K's over the peer link. This does not work due to the loop prevention mechanisim on the peer-link

If you need to foarm adjacency with other devices apart from the N7K's, then it is recommended to install a seperate link. Hope this helps

mohammedrafiq · ‎08-01-2012

Hi Thanks for your response,

I need to form adj between pair of ASA and a pair of 7k, one ten-gig link from each nexus formaing vpc po100.

Now my questions is , yes we need seprate l3 physical link but can we use PKL link instead?

Also, connecting ASA daul homed to both Nexus is ok or just connect each ASA sigle home to each Nexus?

Regards,

ogamanya · ‎08-01-2012

Best practice your PKL should be in a seperate VRF. Short answer is you could use the PKL to do anything other than PKL functions however keep in mind the more you merge PKL functions with other services, the more susceptible you become.

To answer your second question, Dual homing gives 2 basic advntages, bandwidth scaling and resiliance. In your case the FW design is a resiliance factor because i take it they will operate in (Active / Stand-by), so if you need 20G BW towards the FW, sure go ahead and VPc. if not, you gain very little by doing so