Buy or Renew
Buy or Renew
Register Here! - Join us 11/13 for the "Navigating DHCP Processes in SD-Access Network" Community Live event
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1621
Views
0
Helpful
5
Replies

L3 border handoff to SDWAN and Legacy network

Go to solution
dr_wpg
Level 1
Level 1

‎08-11-2021 12:51 AM - edited ‎08-11-2021 12:57 AM

Hi - a question on multiple transits serviced by the same pair of borders. 

Currently deploying an SDA fabric in parallel with an existing campus network. We're also deploying new campus SDWAN routers in parallel. For simplicity the diagram represents a single router and a single legacy core switch.  

 

Picture2.jpg

The plan is to connect to the SDWAN routers for N-S traffic (into the internet / DC) whilst also connecting to the existing legacy core (a few workloads/applications hosted here) for E-W traffic while we migrate users over to the SDA fabric on a floor by floor basis. This was decided so that E-W traffic won't need to traverse up into the router and back down into the legacy core. Once we migrate all users to the fabric, will decommission the legacy network and solely rely on the SDWAN routers as the only exit point. We'll only be using 1 VN - we'll micro-seg within the fabric. 

 

SDWAN will advertise:

  • Routes to internet
  • Routes to DC
  • Default route
  • legacy core routes (learnt from BGP to legacy core)

Legacy core will advertise:

  • Routes to a few applications/workloads
  • Existing user subnets in legacy environment
  • Default route (learnt from SDWAN router)

My question relates to what type of border should be deployed in this situation - should Anywhere Borders be deployed? In the case that an anywhere border is deployed will this mean that the same routes from both the SDWAN router and legacy core will be imported into LISP?

 

Essentially, how do I ensure that traffic is sent through the interconnect to the legacy core for E-W traffic (between the fabric and existing network) and N-S traffic is sent through the SDWAN routers? 

 

 
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jalejand
Cisco Employee
Cisco Employee

‎08-12-2021 01:36 AM

For what it looks to me, both B1 and B2 will have a link to legacy, so, being  both of them PETRs is enough, the logic is the following:

 

1) Packet destined to legacy arrives the edge

2) The edge queries the CP to now where to go

3) Negative map-reply from CPs (as the routes are not imported into LISP), use your pETRs (b1 or b2, load balancing)
4) Edge sends traffic to either B1 or B2, then Bx based on its RIB will send the traffic to Legacy known via eBGP


Then what would be the difference with Anywhere borders?

1) Packet destined to legacy arrives the edge

2) The edge queries the CP to now where to go

3) Complete map-reply from CPs (as the routes are imported into LISP), registered in both B1 in B2, the same load balancing result!
4) Edge sends traffic to either B1 or B2, then Bx based on its RIB will send the traffic to Legacy known via eBGP

 

Regards

View solution in original post

0 Helpful
5 Replies 5

Go to solution
jalejand
Cisco Employee
Cisco Employee

‎08-11-2021 01:01 PM

If legacy prefixes are expected to be received in both borders, you dont need them to be Internal, in the end you will load balance the traffic south-north using both of them via External capability (proxyETR). IBGP between borders can take care in case  of a border missing its two uplinks

 

 

0 Helpful

Go to solution
dr_wpg
Level 1
Level 1

‎08-11-2021 03:45 PM

Hi Jalejand, 

Thanks for your input - so you're saying rely on both borders being PeTRs, dont import routes and rely on FIB/RIB entries to load balance external routes between both borders?

What if I want to route traffic destined to legacy solely through the link to legacy - and all other traffic to SDWAN? 

0 Helpful

Go to solution
jalejand
Cisco Employee
Cisco Employee

‎08-12-2021 01:36 AM

For what it looks to me, both B1 and B2 will have a link to legacy, so, being  both of them PETRs is enough, the logic is the following:

 

1) Packet destined to legacy arrives the edge

2) The edge queries the CP to now where to go

3) Negative map-reply from CPs (as the routes are not imported into LISP), use your pETRs (b1 or b2, load balancing)
4) Edge sends traffic to either B1 or B2, then Bx based on its RIB will send the traffic to Legacy known via eBGP


Then what would be the difference with Anywhere borders?

1) Packet destined to legacy arrives the edge

2) The edge queries the CP to now where to go

3) Complete map-reply from CPs (as the routes are imported into LISP), registered in both B1 in B2, the same load balancing result!
4) Edge sends traffic to either B1 or B2, then Bx based on its RIB will send the traffic to Legacy known via eBGP

 

Regards

0 Helpful

Go to solution
dr_wpg
Level 1
Level 1
In response to jalejand

‎08-12-2021 05:28 AM

Thanks Jalejand,
So in essence, I should configure borders as external default borders (no import of known routes) and should rely on eBGP for traffic dictation?
0 Helpful

Go to solution
jalejand
Cisco Employee
Cisco Employee
In response to dr_wpg

‎08-13-2021 11:33 AM

Thta is correct

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card