Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2804
Views
10
Helpful
4
Replies

L2VNI with gateway behind a Border (DNAC 2.2.3.0+)

Go to solution
Sylvain_Che
Level 1
Level 1

‎09-17-2021 12:50 AM

Hey folks,

 

In the latest DNAC version 2.2.3.0 not yet in GA, the L2VNI feature is present, allowing the Fabric to provide L2 functionality across the fabric without the need for an IP Pool. This particularly helps in the case we want to keep the default gateway outside the fabric.

 

I tested the workflow and based on the generated configurations on Border and FEs and also on BRKENS-2008, the defaut GW located outside of the Fabric is expected to be connected to a FE.

--> Can it be possible to have the outside default GW connected behind the Border?

 

My use-case is as follows:

- I've got some servers connected to DC VLANs, attached to DC switches, that are connected to Borders.

- Those DC switches also have the role of SDA Fabric Edges.

- DC VLANs are trunked between DC switches and Borders. The SDA routing is ensured by P2P IS-IS SVIs.

- The default GW of those DC VLANs is our Fusion device.

- On the SDA side on the right, we have a requirement to connect servers.

- Those SDA-connected servers need to be in the same VLANs as the servers located in DC.

- For the moment, only the link is connected between Border/CP and Intermediate.10.

- Intermediate nodes have been LAN Automated so the link between Border/CP and Intermediate.10 is already configured in L3. So we cannot simply trunk the DC VLANs.

- There are already many SDA endpoints connected. Downtime must be avoided as much as possible.

 

The attached topology might help to understand.

 

Best regards,

Sylvain.

Labels:
Preview file
215 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
markus.forrer
Level 4
Level 4

‎10-15-2021 12:30 PM

Hi Sylvain

 

This feature is already here in 2.2.2.5 (I think was introduced in 2.2.24).

You simply need dedicated Borders (recommended from Cisco because the Borders has to handle Spanning-tree, but I would work also on the same border) and just doing L2 Handoff.

Of course the IP Pool inside the fabric must be defined as L2 only. I would suggest to use another Vlan ID inside the fabric than outside the fabric and just let the L2 Border handle the conversion.

And keep in mind, that you only can configure 1 Link for the L2 Handoff.

 

I would suggest to use a Stackwise-Virtual as L2 Border, so you can handoff the L2 segment over a port-channel.

 

Hope this was helpful.

Cheers

View solution in original post

4 Replies 4

Go to solution
markus.forrer
Level 4
Level 4

‎10-15-2021 12:30 PM

Hi Sylvain

 

This feature is already here in 2.2.2.5 (I think was introduced in 2.2.24).

You simply need dedicated Borders (recommended from Cisco because the Borders has to handle Spanning-tree, but I would work also on the same border) and just doing L2 Handoff.

Of course the IP Pool inside the fabric must be defined as L2 only. I would suggest to use another Vlan ID inside the fabric than outside the fabric and just let the L2 Border handle the conversion.

And keep in mind, that you only can configure 1 Link for the L2 Handoff.

 

I would suggest to use a Stackwise-Virtual as L2 Border, so you can handoff the L2 segment over a port-channel.

 

Hope this was helpful.

Cheers

Go to solution
Sylvain_Che
Level 1
Level 1
In response to markus.forrer

‎11-02-2021 01:23 AM

Hi @markus.forrer 

 

Yes L2Border is the solution.

I looked too far to get a solution.

 

Thanks.

0 Helpful

Go to solution
Michael Warren
Level 1
Level 1
In response to markus.forrer

‎10-05-2022 12:29 AM

Hello,

I'm trying to figure out how to design some brownfield migrations that have subnets with external gateways (mostly hosted on a Fortigate firewall). We need to maintain the VLANs and gateways on the legacy network until we can move all endpoints onto the fabric, and then transition the subnet to the fabric in the usual way routing out of the L3 border.

My plan was to link the legacy network and fabric via an L2 out and define an L2 only fabric IP Pool (with the same subnet used in the legacy network) but I don't know how to define an IP Pool as L2 only - what is the work flow for that?

We're on DNAC 2.2.3.5

Thanks in advance.

Michael

0 Helpful

Go to solution
Michael Warren
Level 1
Level 1
In response to Michael Warren

‎10-05-2022 12:34 AM

Sorry, I think I just found how to make an IP Pool L2 only:

Provision > SD-Access > Fabric Sites > SITE > Host Onboarding > Virtual Networks > VN > Select VLAN/IP Pool and select Layer-2 Only

i.e. the same place as if turning on L2 flooding

0 Helpful
Customers Also Viewed These Support Documents