Buy or Renew
Buy or Renew
Register Here! - Join us 11/13 for the "Navigating DHCP Processes in SD-Access Network" Community Live event
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1391
Views
0
Helpful
5
Replies

Some SDA Design questions

Kanan Huseynli
VIP
VIP

‎06-01-2021 05:23 PM

Hi SDA-lovers,

 

suppose I have 9400 (chassis) border device (colocated Border actually, B&C).

Can I connect some servers directly to this border and have SVI for servers on border? Can I add this subnet-SVI to different VRF (life "shared") and do leaking for other VNs without Fusion (basically, doing import/export on border)? Is this type of design supported (may be manual workflow)? Or is there another this type of inter-VN leaking without fusion?

My second question is can I have one pair of physical WLC,but for multiple sites?

 

Thanks in advance,

 

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

Labels:
0 Helpful
5 Replies 5

balaji.bandi
Hall of Fame
Hall of Fame

‎06-02-2021 03:24 PM

yes you can do, but most DNAC design says, make it dedicated B and C, if the network is big.

 

My second question is can I have one pair of physical WLC,but for multiple sites?

yes, you can have as long as your SD-Access stretched, but for the remote sites suggest having a local break-out WLC or Fabric in box suggested.

 

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Scott Hodgdon
Cisco Employee
Cisco Employee

‎06-03-2021 06:24 AM

Kanan,

Connecting servers directly to the Border would not be best practice. Based on your description, you would be doing route-leaking on the Border, and we highly recommend that this is done off the border on a Fusion device. 

If you have a multi-site design, each site that is doing SD-Access Wireless must have a unique controller for that site. A single WLC pair cannot act as a controller for many sites. If the sites are small, you can run the WLC with a Fabric-in-a-Box. 

Cheers,
Scott Hodgdon

Senior Technical Marketing Engineer

Enterprise Networking and Cloud Group

0 Helpful

Kanan Huseynli
VIP
VIP

‎06-03-2021 11:17 AM

Hi Scott,

 

thank you very much.

As I understand , there is no way to do leaking on border using DNA GUI,yes? We should do it via CLI like we do in Fusion (import/export RT) ,yes?

 

Regarding WLC, yes, I expected that answer. Honestly, I don't have hands-on SDA/DNA practice, but read lots of docs/ciscolive sessions. Just wanted to ensure, because on another topic I have seen that pair of ISE PSN can be used for multiple sites.

 

Regards,

 

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

0 Helpful

Scott Hodgdon
Cisco Employee
Cisco Employee
In response to Kanan Huseynli

‎06-03-2021 12:07 PM

Kanan,

We do not do any leaking configuration in DNA Center. We only do L3 / L2 handoff on the border. If you insist on doing it on the border then it is CLI. I must stress highly, though, that we would rather this be on the fusion. Almost every deployment I have seen that has done this on the border has run into troubles, and most (if not all) went eventually to fusion. The fusion does not have to be very powerful. It just needs to run the routing protocol used on the Border and must support VRF-Lite.

Cheers,
Scott Hodgdon

Senior Technical Marketing Engineer

Enterprise Networking and Cloud Group

0 Helpful

Kanan Huseynli
VIP
VIP

‎06-05-2021 03:36 AM

The fusion does not have to be very powerful. It just needs to run the routing protocol used on the Border and must support VRF-Lite.

 

Can I ask why? Fusion is also in data path, isn't it?

 

regards,

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

0 Helpful
Customers Also Viewed These Support Documents