cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5825
Views
15
Helpful
4
Replies

Fusion Router

dm2020
Level 1
Level 1

Hi All,

 

I'm currently deploying a small pilot SDA fabric for a company. A question has been raised about the need for the fusion router. Now I know what the purpose of the fusion router is, however, is it mandatory in every deployment as we can achieve the same route leaking between VRFs on the border nodes which I have tested without any issues. What are the reasons that we should use a dedicated router for this?

 

Thanks

1 Accepted Solution

Accepted Solutions

Scott Hodgdon
Cisco Employee
Cisco Employee

The Fusion is a Best Practice recommendation to move VRF route leaking and / or VRF combining off the Fabric Border to avoid unintended redistributions (especially 0.0.0.0/0 routes) into the LISP Control Plane that could be harmful to the SD-Access fabric. That said, it is not a requirement to have a Fusion device, and an SD-Access fabric without a Fusion is TAC supported.

 

If your production SD-Access fabric will have a Fusion device, then it is my experience that the pilot should also have a Fusion device. This is so that the Pilot can mimick the production environment as closely as possible so that testing will be most applicable to what is ultimately deployed.

 

Remember that Fusion device can also be a firewall, if that fits into your design.

View solution in original post

4 Replies 4

Scott Hodgdon
Cisco Employee
Cisco Employee

The Fusion is a Best Practice recommendation to move VRF route leaking and / or VRF combining off the Fabric Border to avoid unintended redistributions (especially 0.0.0.0/0 routes) into the LISP Control Plane that could be harmful to the SD-Access fabric. That said, it is not a requirement to have a Fusion device, and an SD-Access fabric without a Fusion is TAC supported.

 

If your production SD-Access fabric will have a Fusion device, then it is my experience that the pilot should also have a Fusion device. This is so that the Pilot can mimick the production environment as closely as possible so that testing will be most applicable to what is ultimately deployed.

 

Remember that Fusion device can also be a firewall, if that fits into your design.

Hi Scott,

 

That make sense. Appreciate you taking the time to respond to my query.

 

Many thanks 

jalejand
Cisco Employee
Cisco Employee

Not required, it is only needed to reach specific destinations outside the SD-Fabric, for example, a DC or Enteprise network out of the LISP/Fabric domain, with an eBGP session between a Border and a Fusion which has route information of the enterprise network, you can redistribute IGP routes to a LISP MS/MR.

 

To leak between VRFs on the fabric, a border node running MPBGP and Route target imports is good enough.

 

In a future, this feature should be addressed by LISP Extranet.

 

 

vk00455130
Level 1
Level 1

Hi, am also facing the same issue, where fusion router is being mentioned mandatory by the vendor. 

 

Could you please share the topology or assets you use for the SD-access fabric and device which you used for interconnecting SDA fabric and traditional network? 

 

I have attached underlay setup diagram.

 

THanks in advance. 

Review Cisco Networking for a $25 gift card