11-13-2019 09:07 AM
When Host Onboarding a Meraki AP to the Fabric Edge port, you choose a device type of "Server" which basically configures this port as a trunk. In the DNAC User Guide, it states the following constraints for the Fabric Edge port:
- Cisco SD-Access deployments support only APs, extended nodes, user devices (such as a single computer or a single
computer plus phone), and single servers
- Other networking equipment (such as hubs, routers, and switches) is not supported.
- Each port can learn up to a maximum of 10 MAC addresses.
If the Meraki AP is configured as a "single server" on the Fabric Edge port, what prevents you from connecting a Switch to this same Fabric Edge port and trunk its VLAN's similar to the Meraki AP? Does the Fabric Edge port have BPDU Guard enabled and would this be a possible reason you can't connect a Switch (Non-Extended Node) to the Fabric Edge port?
Also, the Fabric Edge port is stated to only support a maximum of 10 MAC addresses. Is this number correct? I heard during a SD-Access & Meraki Integration "Cisco Live" presentation that 100 devices/MAC's are supported per Fabric Edge port when it configured as a "Server" Device Type. This would make more sense that 100 devices/MAC's are supported per Fabric Edge port. Can we verify?
11-13-2019 09:38 AM
11-13-2019 06:09 PM
As of today a standard SD-Access fabric edge access port allows maximum 10x IP addresses. An SD-Access fabric edge "Server" port allows 100x IP addresses. BPDU guard is not enabled on "Server" port. Nothing stops you from connecting a basic switch to a Server port, however, you lose DNAC automation (basic switch is not configured by DNAC, DNAC cannot configure ports, upgrade code versions, etc), you may lose SGT segmentation (basic switch downstream from server port is not part of VXLAN overlay, and not integrated with ISE for TrustSec policy download), you may lose MAB/802.1x (basic switch may not be talking to ISE for AAA) and you lose e2e network Assurance (DNAC is not aware of the basic switch, DNAC doesn't know if there is any problems on the basic switch), and the list goes on. Hope that makes sense. Jerome
03-13-2020 04:49 AM
Hello Jerome, thanks for the very precise explanation, just a doubt?
Is this scenario supported by TAC? (Connecting a external basic Switch to a Fabric Edge?)
03-16-2020 12:40 PM
angel_flk,
Yes, this is supported. Just keep the other information Jerome listed in mind.
Cheers,
Scott Hodgdon
Senior Technical Marketing Engineer
Enterprise Networking Group
10-04-2021 12:02 AM
Hi,
I think that if you want to connect a switch to you SDA Fabric, the L2 handoff feature would be better to use.
09-29-2021 06:34 AM
Jerome,
What if we connect a MR44/46/56 AP to this port? Will it or can we setup a way for the AP to reach ISE for AAA?
09-29-2021 10:37 AM
This is the only documentation of which I know for Meraki wireless integration with SD-Access:
Cheers,
Scott Hodgdon
Senior Technical Marketing Engineer
Enterprise Networking and Cloud Group
09-29-2021 11:03 AM
Thank you!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide