Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1075
Views
12
Helpful
6
Replies

L2 only domain between fabric and outside networks?

acc.94
Level 1
Level 1

‎07-05-2021 09:00 AM

Hello all!

 

We are deploying an SD-Access infrastructure and customer is requesting a L2 stretching between Fabric and their traditional network. I have seen the choice to create an L2 only domain under Default_VN. 

 

Is the right procedure to configure this L2 only domain and then using a L2 handoff or is there anything left to be configured?

 

Thank you!

Labels:
0 Helpful
6 Replies 6

jalejand
Cisco Employee
Cisco Employee

‎07-07-2021 12:53 AM - edited ‎07-07-2021 12:54 AM

The usual procedure is to create a fabric pool/subnet with the same subnet as your legacy L2 network. Then deploy a layer 2 handoff link which is a trunk link between the L2 handoff border and a traditional L2 switch. You will map the fabric VLAN to the legacy VLAN during L2 handoff provisioning. No L2 only needed (well, you can use L2 only if you want to keep your L3 gateway on the legacy network instead of keeping it on the fabric)

Example:

 

VLAN 20 is legacy
VLAN 1024 is the one created on the fabric


Both are 192.168.10.0/24

After provisioning the L2 Handoff, shutdown your L3 gateways for the subnet on the legacy core, as the L2 handoff border will now serve as SVI.

 

L2 handoff requires L2 flooding to work properly, be sure that underlay multicast was provisioned during lan automation or either do it manually yourself.

Scott Hodgdon
Cisco Employee
Cisco Employee

‎07-07-2021 06:57 AM - edited ‎07-07-2021 06:59 AM

acc,

For information on L2 Handoff, see https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-sda-design-guide.html#L2_Border_Handoff .

You may wish to bookmark this is well: https://community.cisco.com/t5/networking-documents/cisco-sd-access-resources/ta-p/4196271 .

Cheers,
Scott Hodgdon

Senior Technical Marketing Engineer

Enterprise Networking and Cloud Group

fatalXerror
Level 5
Level 5

‎07-11-2023 08:16 PM

Hi @jalejand / @Scott Hodgdon,

Is the L2 Handoff BN works if the VLAN gateway resides in the firewall and not a core switch?

What will be the other migration strategy if the gateway of each VLANs in the traditional network resides in a firewall?

Thank you

0 Helpful

jalejand
Cisco Employee
Cisco Employee
In response to fatalXerror

‎07-11-2023 08:33 PM

For gw outside the fabric, use an L2 only pool, the gw will simply become a host in that vlan. 

0 Helpful

fatalXerror
Level 5
Level 5
In response to jalejand

‎07-11-2023 08:48 PM

Hi @jalejand , is this means that if I use "L2 Only Pool", I can still use my current VLAN gateway which resides in the firewall in the traditional network? 

Is L2 Only Pool is it in the L2 Handoff BN and configurable in DNAC?

0 Helpful

jalejand
Cisco Employee
Cisco Employee
In response to fatalXerror

‎07-12-2023 09:52 AM

Right, an L2 Only pool has no anycast gateway, the fabric is just a big switch for that vlan. It is configurable via DNAC , its an option when configuring the IP Pool (like wireless pool, critical pool, l2 flooding, etc). Its just not editable, you must create the pool from scratch.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents