There is specific design where Cisco ASA5585-SSP40 HA cluster connected to 1st N7K VPC domain with vPC port-channel. This domain consequently connected to 2nd N7K VPC domain. Two servers are single- and non-vpc connected to the latter VPC domain (1 server per vpc-peer). Finally ASA and servers must build OSPF ajacency over some vlan switched from ASA's port-channel toward server's access ports. The case of control plane and data forwarding direction from servers toward ASA is validated. But opposit direction (control and data packets from ASA toward servers) may take not optimal path: f.e. ASA's port-channel decide to forward packet to a one of the servers in such a way that on a final VPC domain frame must cross vpc-peer-link to reach the destination. Would the last swithcing vpc-peer drop this frame instead of forward it toward the server?
1. Log into CLI of DNAC:
ssh maglev@< DNAC appliance IP> -p 2222
2. Run this curl command to get token to get member id:
curl -X POST -u admin:<admin user password> -H -V https://<CLUSTER-IP>/api/system/v1/identitymgmt/token
Enterprise Switching Business Unit is glad to announce Beta release 16.12.2 for all Catalyst 9200/9300/9400/9500/9600 and Catalyst 3650/3850 Platforms. This release is made available to allow users to test, evaluate and share fee...
Purpose of the document
This document describes the general recommendations or best practices when designing and deploying the Cisco SD-Access technology. The document assumes that the reader has a general overview of Cisco's SD-Access for Distributed C...
Do you currently have hands-on networking experience? If you do, we'd love to hear from you!
Your feedback will be reviewed and analyzed by our team to directly influence a networking management and monitoring product.
Take the 20-min or les...