Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1516
Views
2
Helpful
6
Replies

SDA MultiSite

Go to solution
fatalXerror
Level 5
Level 5

‎08-30-2023 06:58 AM

Hi guys, I am new in the world of SDA, please help regarding my concerns. 

I have 2x office sites and my plan is to create a fabric in each site and orchestrated by DNAC located at my DC.

My questions are,

1. Similar to ACI, can stretch my VN from site 1 to site 2 with one subnet across two sites? If it is possible, will this be the best practice for SDA or I should just have different subnet for each fabric?

2. In SDA, can I still do the foreign-anchor design for my wireless?

3. How to determine if I need to use IP-Transit or SDA-Transit for the fabric interconnectivity?

4. Should I have WLC in each of my sites in SDA or only 1x WLC will do in site 1 and use flexconnect for my site 2?

thank you

1 person had this problem
Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎08-30-2023 07:42 AM

1. yes you can strech the VN to other site - you can use same DNAC cluster to manage other side (if the below RTT mentioned in the document)

2. fabirc wireless and Achoring have some issue with Guest network  - so check release notes and partner who is working with you.,

3. Depends on the Link you putting between sides.

from my notes :

 

  • In IP-Based transits, we use native IP.  This means we remove the encapsulation added in the fabric and forward the original packet. 
  • In SD-Access transits, we use Fabric VXLAN.  This means we encapsulate the original packet in VXLAN and forward it. 

4. depends on budget and design (and Limitation to reach to main site)

   Again is this OTT deployment or Fabric Wireless

   if budge permits each site should have their own WLC.

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

Go to solution
jedolphi
Cisco Employee
Cisco Employee

‎08-30-2023 08:36 PM - edited ‎08-30-2023 08:37 PM

Hi fatalXerror, unfortunately again "it depends". If we stretch subnets across sites then that implies VXLAN tunnels between sites, which means the WAN will need to accommodate VXLAN MTU and potentially PIM-ASM and PIM-SSM for overlay BUM flooding (if required) and overlay native multicast replication (if required). It also means both Fabric Sites become dependent on same Control Plane Nodes where a WAN outage might cause remote-site-to-CP connectivity problems, which will in turn cause SD-Access packet forwarding failures. However stretched site also simplifies the ongoing network management, so, as always there's pros and cons.

I'd guess that in 80-90% of real-world deployments each physical site is mapped to a discrete Fabric Site, however it's not a firm rule, it just depends on the requirements. Best regards, Jerome

View solution in original post

6 Replies 6

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎08-30-2023 07:42 AM

1. yes you can strech the VN to other site - you can use same DNAC cluster to manage other side (if the below RTT mentioned in the document)

2. fabirc wireless and Achoring have some issue with Guest network  - so check release notes and partner who is working with you.,

3. Depends on the Link you putting between sides.

from my notes :

 

  • In IP-Based transits, we use native IP.  This means we remove the encapsulation added in the fabric and forward the original packet. 
  • In SD-Access transits, we use Fabric VXLAN.  This means we encapsulate the original packet in VXLAN and forward it. 

4. depends on budget and design (and Limitation to reach to main site)

   Again is this OTT deployment or Fabric Wireless

   if budge permits each site should have their own WLC.

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
fatalXerror
Level 5
Level 5
In response to balaji.bandi

‎08-30-2023 09:48 AM

Hi @balaji.bandi ,

Just a follow through question,

1. If i can stretch the VN from site 1 to site 2, do I need to have SD-Transit between the two sites or as long as there is a communication to the DNAC from both fabric, it should be good?

3. For the SD-Transit, can I use this with MPLS or Internet as the underlay? Or how should I setup the SD-Transit? Please enlighten me.

4. It is just for office setup. If I have wlc in each fabric, can I still stretch the VN from site 1 to site 2? 

thank you

0 Helpful

Go to solution
jedolphi
Cisco Employee
Cisco Employee

‎08-30-2023 07:17 PM

Hi fatalXerror,

The high level answer to #1 and #3 (there's no #2?) is "it depends" Please take a look at this (BRKENS-2815) Cisco Live presentation for details of how IP Transit and SDA Transit work, and what use cases they solve. With IP Transit you need to take care of VN and SGT preservation in the WAN infra interconnecting Fabric Sites. With SD-Access Transit the VN and SGT preservation are native, but there's MTU and traffic visibility implications in the WAN.

SD-Access Transit does not mandate a particular kind of transport, however it does mandate transport MTU requirements and potentially multicast routing requirements (if there is to be inter-site multicast).

Yes you can stretch VNs between Fabric Sites when there is a Fabric WLC at each Fabric Site. Perhaps also consider reading through the the SD-Access CVD at https://cs.co/sda-cvd and also this (BRKENS-2502) design best practices presentation from Cisco Live.

Best regards, Jerome

0 Helpful

Go to solution
fatalXerror
Level 5
Level 5
In response to jedolphi

‎08-30-2023 08:08 PM

Hi @jedolphi , thank you for your response.

Just wondering, will it be best to stretch the VN (incl. the IP subnets) from site 1 to site 2 or the typical way would be still be best to have a different subnet for site 1 and site 2 fabrics?

For the fusion router, can I use a firewall instead of router as long as it is capable of VRF?

thank you

0 Helpful

Go to solution
jedolphi
Cisco Employee
Cisco Employee

‎08-30-2023 08:36 PM - edited ‎08-30-2023 08:37 PM

Hi fatalXerror, unfortunately again "it depends". If we stretch subnets across sites then that implies VXLAN tunnels between sites, which means the WAN will need to accommodate VXLAN MTU and potentially PIM-ASM and PIM-SSM for overlay BUM flooding (if required) and overlay native multicast replication (if required). It also means both Fabric Sites become dependent on same Control Plane Nodes where a WAN outage might cause remote-site-to-CP connectivity problems, which will in turn cause SD-Access packet forwarding failures. However stretched site also simplifies the ongoing network management, so, as always there's pros and cons.

I'd guess that in 80-90% of real-world deployments each physical site is mapped to a discrete Fabric Site, however it's not a firm rule, it just depends on the requirements. Best regards, Jerome

Go to solution
fatalXerror
Level 5
Level 5
In response to jedolphi

‎08-30-2023 08:42 PM

Thank you @jedolphi 

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card