Buy or Renew
Buy or Renew
COMING SOON: Umbrella and Secure Access release notes are coming to Cisco Community. The community will be in read-only August 16 – 19. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
131
Views
0
Helpful
3
Replies

Anycast gateway config

KevinR99
Level 1
Level 1

‎08-07-2024 02:12 AM

Hi

My understanding was when I create an Anycast gateway in SDA it is pushed out to the edges as an SVI for the clients on the Edge to use.  I also understood that on the Border/CP the same IP address was pushed out but this time as a loopback address where the loopback id is the same as the Edge SVI vlanID.  However, on my network I see some, not all, Anycast gateway addresses on my Border as SVI's. Some are Loopbacks and some are SVI's.

Is this expected?

I thought the gateways were loopbacks on the Border/CP and that allows the Border to then advertise them externally via BGP.  With an SVI on the Border BGP still advertises the route but I don't understand why some are Loops and some are SVIs.

Thanks, Kev.

Labels:
0 Helpful
3 Replies 3

andy!doesnt!like!uucp
Spotlight
Spotlight

‎08-07-2024 03:33 AM - edited ‎08-07-2024 04:10 AM

To answer your Q some better understanding of your deployment is needed.
There are some cases for the SVI to be present on the BN:
1. BN is FIAB (BN|CP|EN|WLC)
2. BN is L2-handoff also for arbitrary VLAN (Cisco SDA Part X - understanding L2 handoff - The ASCII Construct)
Loopbacks are used on the BNs to address DHCP-topic (it has nothing to do with BGP as redistribution of the LISP into BGP VPNv4 AF with further aggregation of the prefix makes the job instead). So if f.e. u have case (2) for VLAN X on your BN, but there is also EN behind BN, u wont be able to have Lo & VLAN X interfaces with the same IP on that BN. SVI will substitute Lo instead. But for VLAN Y u wont have SVI on BN but Lo. 

0 Helpful

KevinR99
Level 1
Level 1

‎08-07-2024 04:54 AM - edited ‎08-07-2024 05:16 AM

Neither case 1 or case 2 is true in my scenario.  The Border is a Border/CP only. I have a separate L2 Border which I understand gets an SVI address because it is also the gateway for devices external to the fabric.  Devices outside the fabric use the L2 Border svi as their gateway.  Devices inside the fabric use the Edge svi as their gateway. However, the L2 Border uses the external vlan id for the svi and the edge uses the fabric vlan id.  In my scenario both the Border/CP and the Edges use the fabric vlan id for their svi but only in some cases on the Border/CP.  The main Border/CP does not do any L2 Border functions nor does it have any edge or WLC functions.  If it were doing L2 border functions it would have an svi with the external vlan id.

0 Helpful

andy!doesnt!like!uucp
Spotlight
Spotlight
In response to KevinR99

‎08-07-2024 05:09 AM

consider to call the TAC then as it's unexpected behaviour. it's quite possible that you hit either documented or undocumented bug where DNAC deploy SVI on the BN|CP instead of Lo. & maybe it worth to notice that from the technical perspective having it like in your case makes no harm as soon as arbitrary user's SVI is in UP state (did u check it?) on your BN.

0 Helpful
Customers Also Viewed These Support Documents