cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
883
Views
5
Helpful
4
Replies
dm2020
Beginner

Fabric Border L3 Hand-off Infra_VN

Hi All,

 

I have been reading the SDA fabric deployment guide and have a question regarding automated border L3 hand-off for the infra_VN 

 

https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Campus/sda-fabric-deploy-2019oct.pdf

 

As detailed in this guide, to provide initial underlay IP connectivity between the fabric borders and the core network infrastructure (DNAC, ISE etc), an eBGP adjacency is established between the fabric borders and fusion switches in the GRT (under bgp address-family ipv4). This makes sense, however later in the guide it suggests that the infra_VN should be selected as a part of the border L3 handoff automation which creates additional SVIs and BGP peering sessions with the fusion router under the same bgp address-family ipv4.(this is also suggested in a range of other deployment guides as well such as the distributed campus deployment guide).

 

Is this correct as this results in duplicate peering sessions in the GRT between the fabric borders and fusion routers? If we already have external connectivity in the GRT for underlay connectivity, do we need the handoff for the infra_vn?

 

Thank you

1 ACCEPTED SOLUTION

Accepted Solutions

dm1981,

Correct. If you already have BGP setup and passing the GRT upstream then you are OK and don't need to add it to the L3 handoff. You can test this by adding a subnet to the INFRA_VN in Host Onboarding, and you should see this show up in the upstream peer routing table.

Remember, though, that the L3 handoff automation will create a trunk between the Border and upstream device, so if you already have an L3 routed interface configured you may have to change that. And if you do that, then you will need to need to re-establish the GRT handoff, which you could do as part of the L3 Border handoff. With DNAC 1.3.3 and newer, you can select the VLANs (within a certain range) for each of the VRFs and GRT that are part of the trunk configuration.

You may want to have a look at the Cisco Live session BRKCRS-2811 in the On-Demand Library at ciscolive.com . It goes through the various details.

Cheers,

Scott Hodgdon

Senior Technical Marketing Engineer

Enterprise Networking Group

View solution in original post

4 REPLIES 4
Scott Hodgdon
Cisco Employee

dm1981,

The GRT and the INFRA_VN are the same thing. We use the INFRA_VN designation in the DNA Center Policy workflow to represent it as a Virtual Network (VN) in which we place APs (for SD-Access Wireless) and Extended Nodes.

We continue that naming convention in the L3 Border handoff workflow for consistency, but we could just as easily call it GRT.

Hope that helps.

Cheers,

Scott Hodgdon

Senior Technical Marketing Engineer

Enterprise Networking Group

Hi Scott,


Thanks for the reply. So if the Infra_VN and the GRT are the same thing, and if we already have external connectivity between the fabric borders and fusion routers in the GRT (as a part of the initial configuration detailed on page 13 of the deployment guide  - https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Campus/sda-fabric-deploy-2019oct.pdf) then I'm assuming that  enabling L3 border handoff for the Infra_VN is not required? Is that correct?

 

Thanks

dm1981,

Correct. If you already have BGP setup and passing the GRT upstream then you are OK and don't need to add it to the L3 handoff. You can test this by adding a subnet to the INFRA_VN in Host Onboarding, and you should see this show up in the upstream peer routing table.

Remember, though, that the L3 handoff automation will create a trunk between the Border and upstream device, so if you already have an L3 routed interface configured you may have to change that. And if you do that, then you will need to need to re-establish the GRT handoff, which you could do as part of the L3 Border handoff. With DNAC 1.3.3 and newer, you can select the VLANs (within a certain range) for each of the VRFs and GRT that are part of the trunk configuration.

You may want to have a look at the Cisco Live session BRKCRS-2811 in the On-Demand Library at ciscolive.com . It goes through the various details.

Cheers,

Scott Hodgdon

Senior Technical Marketing Engineer

Enterprise Networking Group

View solution in original post

Hi Scott,

 

Ok that makes sense. Really appreciate the response and clearing this up.

 

Many thanks

 

 

Content for Community-Ad
This widget could not be displayed.