07-05-2021 09:00 AM
Hello all!
We are deploying an SD-Access infrastructure and the customer is requesting L2 stretching between the Fabric and their traditional network. I have seen the choice to create an L2 only domain under Default_VN.
Is the right procedure to configure this L2 only domain and then use an L2 handoff, or is there anything left to be configured?
Thank you!
07-07-2021 12:53 AM - edited 07-07-2021 12:54 AM
The usual procedure is to create a fabric pool/subnet with the same subnet as your legacy L2 network. Then deploy a layer 2 handoff link, which is a trunk link between the L2 handoff border and a traditional L2 switch. You will map the fabric VLAN to the legacy VLAN during L2 handoff provisioning. No L2 only needed (well, you can use L2 only if you want to keep your L3 gateway on the legacy network instead of keeping it on the fabric).
Example:
VLAN 20 is legacy
VLAN 1024 is the one created on the fabric
Both are 192.168.10.0/24
After provisioning the L2 Handoff, shut down your L3 gateways for the subnet on the legacy core, as the L2 handoff border will now serve as SVI.
L2 handoff requires L2 flooding to work properly; be sure that underlay multicast was provisioned during LAN automation, or do it manually yourself.
07-07-2021 06:57 AM - edited 07-07-2021 06:59 AM
acc,
For information on L2 Handoff, see https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-sda-design-guide.html#L2_Border_Handoff .
You may wish to bookmark this as well: https://community.cisco.com/t5/networking-documents/cisco-sd-access-resources/ta-p/4196271 .
Cheers,
Scott Hodgdon
Senior Technical Marketing Engineer
Enterprise Networking and Cloud Group
07-11-2023 08:16 PM
Hi @jalejand / @Scott Hodgdon,
Does the L2 Handoff BN work if the VLAN gateway resides in the firewall and not a core switch?
What will be the other migration strategy if the gateway of each VLAN in the traditional network resides in a firewall?
Thank you
07-11-2023 08:33 PM
For a gw outside the fabric, use an L2 only pool; the gw will simply become a host in that VLAN.
07-11-2023 08:48 PM
Hi @jalejand, does this mean that if I use "L2 Only Pool", I can still use my current VLAN gateway which resides in the firewall in the traditional network?
Is the L2 Only Pool in the L2 Handoff BN, and is it configurable in DNAC?
07-12-2023 09:52 AM
Right, an L2 Only pool has no anycast gateway; the fabric is just a big switch for that VLAN. It is configurable via DNAC; it's an option when configuring the IP Pool (like wireless pool, critical pool, L2 flooding, etc.). It's just not editable; you must create the pool from scratch.