Buy or Renew
Buy or Renew
Register Here! - Join us 11/13 for the "Navigating DHCP Processes in SD-Access Network" Community Live event
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1704
Views
15
Helpful
6
Replies

Over the top (OTT) - wireless client subnet advertisement

Go to solution
dr_wpg
Level 1
Level 1

‎08-12-2021 11:05 PM

Hi - I'm currently planning to deploy an SDA fabric and want to integrate my wireless infra through an OTT deployment. 

Currently reviewing BRKEWN-2020 and it makes mention that the border advertises Wireless client subnets to the fabric. 

 

What does this actually entail? Will this import these subnet routes as map-cache entries to invoke a LISP lookup? Does this mean I will need to select the checkbox to import known routes (anywhere/internal border) or can I configure external borders during Layer 3 handoff workflow? 

 

Capture.PNG

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jalejand
Cisco Employee
Cisco Employee
In response to dr_wpg

‎08-15-2021 02:21 PM - edited ‎08-15-2021 02:22 PM

Lets clarify something:

I'd rather go with option 1 - normal routing out through VRF's.

 

Traffic to and from APs are handled differently in fabric.

 

  • When APs sends traffic out to the WLC, they don't use LISP (as there is no map-cache 0.0.0.0/0 entry on instance-id 4097), they rely on traditional routing table.
  • When traffic comes from outside destined to the APs, the traffic hits a Border then it encapsulates that traffic to the AP in VXLAN (as APs are registered on the CP and there is a map-cache for the AP subnet to dictate this)

Fabric Overlay will always use LISP/map-cache/VXLAN


If the OTTs are in GRT in Border and clients on a fabric VRF, you will need a fusion router to leak these routes, yes.
The traffic flow will be the following:

 

  • OTT Client - AP - Edge - Underlay/RIB - Border - WLC - Border - Fusion GRT [Leak] Fusion VRF - Border VRF - Edge VRF - Fabric Client
  • Fabric Client - Edge VRF - Border VRF - Fusion VRF[Leak]Fusion GRT - Border - WLC - Border - Overlay/Map-Cache - Edge AP - OTT Client

 

 

 

 

 

View solution in original post

6 Replies 6

Go to solution
jalejand
Cisco Employee
Cisco Employee

‎08-13-2021 11:27 AM

That step is only optional, very optional.

If you want fabric users (wired or FEW-enabled) to reach the OTT clients, they will need to go outside the fabric to reach them (going to the controller itself), meaning the traffic will pass through the border in their respective VRFs, for that reason the border needs a route out to the OTT subnet (which could be easily replaced with a default route)

You can still inject the OTT subnet into LISP as you mention, creating borders with the internal capability (import known routes)  if you want the exit point to be a particular border in case you have more than 1, however, if your deployment consists in 1 border with external capability (default for all routes) or borders which are supposed to be mirrored/load balance traffic, then you dont need to import anything.

 

Regards

Go to solution
dr_wpg
Level 1
Level 1
In response to jalejand

‎08-15-2021 12:27 AM

Thanks Jalejand, so I see two options: 1. Traditional routing, 2. Rely on LISP map-cache. 

I'd rather go with option 1 - normal routing out through VRF's. 

My OTT subnets gateway will be in the border GRT as the WLC's will be directly connected, so will I need to to route-leak my OTT subnets to my other VN's if hosts in my overlay want to reach my OTT subnets? 

0 Helpful

Go to solution
jalejand
Cisco Employee
Cisco Employee
In response to dr_wpg

‎08-15-2021 02:21 PM - edited ‎08-15-2021 02:22 PM

Lets clarify something:

I'd rather go with option 1 - normal routing out through VRF's.

 

Traffic to and from APs are handled differently in fabric.

 

  • When APs sends traffic out to the WLC, they don't use LISP (as there is no map-cache 0.0.0.0/0 entry on instance-id 4097), they rely on traditional routing table.
  • When traffic comes from outside destined to the APs, the traffic hits a Border then it encapsulates that traffic to the AP in VXLAN (as APs are registered on the CP and there is a map-cache for the AP subnet to dictate this)

Fabric Overlay will always use LISP/map-cache/VXLAN


If the OTTs are in GRT in Border and clients on a fabric VRF, you will need a fusion router to leak these routes, yes.
The traffic flow will be the following:

 

  • OTT Client - AP - Edge - Underlay/RIB - Border - WLC - Border - Fusion GRT [Leak] Fusion VRF - Border VRF - Edge VRF - Fabric Client
  • Fabric Client - Edge VRF - Border VRF - Fusion VRF[Leak]Fusion GRT - Border - WLC - Border - Overlay/Map-Cache - Edge AP - OTT Client

 

 

 

 

 

Go to solution
dr_wpg
Level 1
Level 1
In response to jalejand

‎08-15-2021 08:22 PM - edited ‎08-15-2021 10:28 PM

Thanks Jalejand - makes sense to implement route-leaking to the VRF's to enable connectivity to the OTT subnets. 

 

As an alternative, I could just configure the OTT mgmt subnet in GRT and then client subnet/SVI in border VRF right? This will negate the need to route-leak?

0 Helpful

Go to solution
jalejand
Cisco Employee
Cisco Employee
In response to dr_wpg

‎08-15-2021 11:25 PM

That would work too!
Basically leaking on the WLC, being the mgmt interface for capwap in GRT and the client GW on a fabrc VRF

Go to solution
dr_wpg
Level 1
Level 1
In response to jalejand

‎08-16-2021 12:12 AM

Really appreciate your help Jalejand! Thank you

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card