05-15-2019 07:13 PM - edited 05-15-2019 07:16 PM
Hi, All.
I have some inquiries regarding SD-Access topology. I am a beginner with SDA networks.
Usually there is a control plane node in the conceptual SDA topology PPT documents.
It is sometimes located in the local fabric cloud between the Border node and Edge Node, and sometimes located in the outside server-farm cloud.
1) Which place is right? And does this have to be independent of the Border switch, or can the Border take on the role at the same time? It looks like something for the control plane exists. The picture in the PPT document confuses me.
2) Where is the wireless controller installed? Does it connect to the Border Node directly, or can it be installed in the outside server farm?
3) What is the difference between 2-tier Architecture and 3-tier Architecture? 2-tier has only border/edge; on the other hand, 3-tier has an intermediate node as well. My partner engineer has planned 4 C9606-R switches for the border; however, I can't understand why four backbone switches are needed. Or can a border node consist of 4 switches, not 2 switches?
4) I want to see a real SDA network diagram including border/edge/wlc/dnac/ise/stealthwatch/cabling, not a conceptual diagram :) Does anybody have one?
Please excuse my ignorance.
Thank you all in advance.
05-15-2019 11:53 PM
hjson0001,
1. The Control Plane Node just needs IP connectivity to the Edge and Border nodes. Generally speaking, it is better to co-locate the Control Plane with the Border node, but some customers choose to locate Control Planes in their own hardware for HA purposes (they don't want to lose both Border and Control Plane services if one platform fails). Since most customers deploy redundant Border nodes, in my experience most also co-locate the Border and Control Plane.
2. The WLC just needs IP reachability to the Control Plane Node and APs for SD-Access. The Best Practice is to connect the WLC to a Fusion device or to have it in the DC as it would be today. While direct connect to the Border is supported, we do not recommend it.
3. We support up to 4 External Borders per fabric site. I cannot easily comment on the choices your engineers have made without a deeper understanding of your design requirements. If you would like to have such a discussion about your design, please reach out to your Cisco account team and they can involve my team to assist if needed. From an SD-Access perspective, there is no real difference between 2-tier and 3-tier networks since the Intermediate layer just routes and does not have a specific SD-Access function.
4. The only "real" designs would be for customer networks, and we cannot be distributing customer designs without their approval. If you want to see if there is a customer in your region that is willing to talk to you as a reference, please reach out to your Cisco account team.
Cheers,
Scott Hodgdon