Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
We have a very small and simple setup (the network is too small for a classic leaf-and-spine setup):
3 Nexus 93180YC FX3 in a triangle, one VLAN mapped to a L2-VNI, BGP-EVPN and Distributed Anycast Gateway, no VRFs, no PIM. We opted for this design t...
Hi all,
Scenario:
- | link down +---- + /-----\ |---------X-| SW1 |---------| RT1 |--\ | +-----+ \-----/ \ | no updates for X -->| /-----\ |Netw X | RT3 |---- | ...
Hi everybody,
I can't find any decent guide how ASA for FXOS (aka Asa for Firepower) operates together with Firepower Threat defense.
The "Quick Start Guides" available in the ASA documentation section (http://www.cisco.com/c/en/us/td/docs/security/a...
We have an exotic network issue: A src sends high volume directed broadcast traffic towards a destination network, where one or more receivers process the data. We experience high packet loss for directed broadcasts, the same traffic volume as unicas...
Hi everybody,I can't find the detailed information which attributes are exactly needed for the Anyconnect 3.1 client to correctly identify the VPN server -ASA 8.4(4)1I have added two servers in the client connection profile:IP address, primary protoc...
Hi f00z, Thank you for the reply!
Which lab do you use, CML, Hardware?
DAG is only necessary if you have IP mobility (VM migration) to keep the MAC of the default gateway and want it simple. EVPN will (should) announce the gateway MACs of VTEPs to al...
Hi f00z
thank you, the DAG was preventing a successful ARP to IPs on other VTEPs. We don't have IP mobility inside the VLAN (e.g. Virtual Machine migration) so removing the DAG gives us full connectivity.
I think, I missed a config step "send-communi...
Hi f00z,
First your question from the original post:
1. The documentation always uses multiple VRFs. Is this required in an enterprise where there is one tenant?
No, you don't need VRFs always, only for multiple tenants with duplicate/overlapping L2 ...
Hi Neil,
I'm afraid, this will not work smoothly. Overlay VLANs (VXLAN, VNI) are configured like this:
vlan 123 name [choose your name] vn-segment 4567
I doubt, whether such a VLAN can be operated in both ways, VXLAN overlay and classic L2-VLAN, simu...
Hi Cristian,
the SFP ports can be equipped with any Cisco transceiver: single mode, multi mode or copper. "Fixed" only means, that the uplink SFP receptacles are not modular (on other models you can choose uplink, e.g. SFP, SFP+). You have to order t...
