Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
for some porposes (exp: FEX 40G-> leaf 40G) , we have to convert leaf uplink port to downlink in a production environnement. Is there any risk? Is it recommended?
Hi,
Please find attached my design!
So with this design, we want to export the VM interface (Red color): x.x.x.x/32 to the ASR without exporting the Leaf interface (Blue color) because we are using a public subnet between ACI and VM!
The probleme is ...
Hi,
In the attached design, and in the same vrf-X: we have EPGs that must go through the firewall and others directly to the ASR.
With this design, it can cause routing problems in VRF-X? because we will have a route leaking from VRF-X-OUT to VRF-X a...
Hello,
How we can deploy a firewall to secure EAST-WEST traffic in ACI without service graph? traffic between EPGx and EPGy must pass via firewall.
Thank you,
Why dynamic protocols (OSPF for example) doesn't use the secondary address in a L3OUT like static routing ? it uses the primary ( Side A and B) instead of the secondary address! So what is the use of this secondary address in dynamic routing with VPC...
Spine model is N9332C! I think it's ok.
In my IPN dhcp relay, I can see the DHCP DISCOVER received from the Remote Leaf and transmitted to the APICs (Routable IP) but can not see the DHCP OFFER from the APICs! I'm sure that we did the correct confi...
Hi @balaji.bandi & @RedNectar,
Thank you for your replies,
Here you can find attached the example I wanted to talk about.
In this example, there is a contract between EPG1 and EPG2! So automatically, a static route will be injected in each Leaf (for ...
thank you for sharing!
First, let's assume that our gateway in the ACI.
Traffic must pass like this:
Endpoint x --> Leaf
Leaf --> FW
FW --> Leaf
Leaf --> EndPoint y
How we can achieve this scenario without implementing PBR service graph? How routing ...
Thank you for your explanation!
So for OSFF over VPC SVIs, we don't need secondary address and HSRP isn't supported. Then, we will not be at risk of L3 loop? because the Router will see the same routes injected by 2 different sources (the 2 leaves) ...
