02-17-2024 09:24 PM
Hello, I have a few questions in regard to SDA Border node redundancy.
1. Is it recommended to run ISIS between two redundant border nodes ? I see some documentation that shows the nodes connected, but not much is mentioned in regard to what underlay routing protocol is being used.
2. I know iBGP can be used for each VN between border nodes, however should iBGP also be configured for the underlay/grt, if an IGP such as ISIS is already running between the border nodes what would be the benefit of also running iBGP in the underlay/grt?
3, If running lisp pub/sub, I understand that we no longer need iBGP for each of the VNs ,however DNAC does configure an iBGP peering in the underlay/grt with the redundant border. What is the reason for this ?
Solved! Go to Solution.
02-26-2024 07:25 PM
Hi, assuming LISP Pub/Sub, which is the most recent and recommended control plane architecture:
1. Yes you can use ISIS (or your manual IGP) between BNs in underlay. Whether you need to or not is defined by how BN1 Lo0 can reach BN2 Lo0. Most people will enable ISIS/IGP between BNs, FYI.
2. Per-VRF IBGP between BNs not required.
3. The IBGP peering is from BN to both CPs, which presumably are co-located with BN in your design. It should have VPNv4 and VPNv6 AF enabled, this is for transporting L3VN BGP routes through a Fabric Site. This subject is covered very briefly in BRKENS-2816, slides 37-40, https://www.ciscolive.com/on-demand/on-demand-library.html?#/session/1707505512189001p6lp
Best regards, Jerome
02-17-2024 09:38 PM
I was able to find a few posts that address questions 1 and 2, however I'm not finding anything on why DNAC configures an iBGP peering between the borders in the underlay/GRT only.
02-26-2024 07:25 PM
Hi, assuming LISP Pub/Sub, which is the most recent and recommended control plane architecture:
1. Yes you can use ISIS (or your manual IGP) between BNs in underlay. Whether you need to or not is defined by how BN1 Lo0 can reach BN2 Lo0. Most people will enable ISIS/IGP between BNs, FYI.
2. Per-VRF IBGP between BNs not required.
3. The IBGP peering is from BN to both CPs, which presumably are co-located with BN in your design. It should have VPNv4 and VPNv6 AF enabled, this is for transporting L3VN BGP routes through a Fabric Site. This subject is covered very briefly in BRKENS-2816, slides 37-40, https://www.ciscolive.com/on-demand/on-demand-library.html?#/session/1707505512189001p6lp
Best regards, Jerome
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide