DEPLOY GATEWAY IN AN ACI MULTIPOD

NguyenHoangAnh3197 · ‎07-15-2025

Hello everyone,

I have been implementing Cisco ACI MultiPod. in DC1 i have several services using gateway in DC2. how can i create BD or anything in order to services in DC1 can reach gateway in DC2.

From my point of view, they can reach gateway via IPN.

on configuration of BD need to special configure or anything else.

Enes Simnica · ‎07-15-2025

hello G. U're on the right track, cause endpoints in DC1 can reach the gateway in DC2 through the IPN. but G, there are a few important configuration steps and best practices to make sure everything works smoothly/ So, to allow services in DC1 to reach a gateway in DC2 in ACI MultiPod, make sure of the following:

Stretch the same Bridge Domain (BD) across both DCs so endpoints in DC1 can use the gateway in DC2.
Enable "Advertise Host Routes" in the BD to ensure proper routing to the remote gateway.
If the gateway is outside ACI (like on a firewall/router), check your L3Out setup in DC2 and that it's tied to the correct VRF and has the necessary contracts.
The IPN must be properly configured:
Set MTU to 9150
Ensure multicast (if used) is set up
Verify OSPF/BGP between spine and IPN routers

thats all i can remember for now... and yes dont forget to verify epgs and contracts in order to allow communication between endpoints.. So yes u’ll need to ensure the BD is stretched between the two pods, and some BD and IPNspecific configurations should be validated.. hope it helps G

-Enes

more Cisco?!
more Gym?!

Enes Simnica · ‎07-15-2025

and G, i u want to test this on EVEng before going live, u can do a basic MultiPOd style test and use : CSR1000v (image:csr1000v-universalk9.16.12.04.iso) – for IPN, spine/leaf routing. NX-OSv 9000 (image: nxosv9k.9.3.9.qcow2) – to simulate ACI leaf behavior AND Linux or Alpine containers as endpoints/gateways

It won’t fully emulate ACI fabric, but it’s great for testing routing, gateway reachability and stretched subnet logic.

more Cisco?!
more Gym?!

NguyenHoangAnh3197 · ‎07-15-2025

Hello simnica,

Thanks alot for your feedback.

whether can i create in same gateway in both DC1 and DC2 with same BD and lead to my services will only walk in POD1 because can reach GW in POD1
but i am confuse that if i create same IP gate in both DC1 and DC2, they are conflict or overflap
P/s if you have any topic talk about situation, please let me know.

Enes Simnica · ‎07-15-2025

ur welcome G. And yes in ACI MultiPod, it’s completely supported to use the same gateway IP in both DC1 and DC2 with a stretched Bridge Domain. ACI uses Anycast Gateway, which lets each pod handle traffic locally.

So, endpoints in DC1 will use the local gateway in DC1, and the same for DC2, no IP conflict happens, because ACI programs the same virtual IP/MAC across the fabric. This keeps traffic efficient and avoids unnecessary cross-pod routing.

and Check this cuper crazy link G: https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-739609.html (it goes into detail on Anycast Gateway, BD stretching, and best practices for MultiPod...)

also u have this Cisco ACI multi site video from Cisco: https://www.youtube.com/watch?v=uQudZE-EYtw&list=PL1ufpNoteoBOg8X5SH0D_lto2SCbQWHf6

more Cisco?!
more Gym?!