10-30-2016 05:59 PM - edited 03-08-2019 07:58 AM
Please see the attached photo for the design.
I know this is a VERY VERY VERY common design, but I just can't convince myself on how the VLANs can have internet.
Inter-VLAN routing is okay. VLANs talk to each other inside the N3K.
But if they want to have internet, what config does the N3K do and also the FW?
* Is it L3 point-to-point (creating static routes)? How? Because I think you cannot share one IP for each port in each N3K.
* Or creating a VLAN interface in the FW? So create a trunk connection from the FW to the Nexus 3K?
* Will vPC play a role here? Can I do a port channel in the firewall going down to the Nexus? (Will the FW see the 2 Nexus as ONE Nexus because of vPC?)
(If the switches were stackable, L3 would be the easiest way. Static route from Core Sw to FW, and vice versa.)
But this is HSRP and really confuses me.
Hope anyone can clear this up. Thanks in advance!