Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
537
Views
2
Helpful
4
Replies

ACI Back to Back VRF

Go to solution
JPC11
Level 1
Level 1

‎06-07-2023 05:38 AM

Hi,

I have installed and configured ACI at one of our data centres and I now need to do the same at our secondary data centre using the back to back setup rather than IPN.  I was planning on connecting the spines up to our WAN routers and wondered if the best practice, would be to make use of a separate VRF for the ACI traffic rather than just lump all the ACI and other cross site traffic together.

I appreciate any replies.

Jonathan

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Robert Burns
Cisco Employee
Cisco Employee

‎06-07-2023 09:54 PM

I will whole heartidly agree with Chris that you should also try to build a proper ISN.  You mentioned separate fabrics, so this would imply Multisite.  Though B2B is a supported topology, you're limited to 2 sites and you lose the ability to ever expand to the public cloud (GCP/AWS/Azure).  Even if you don't plan on expanding like this today, I'd recommend not painting yourself into a corner by doing B2B.  You mention you already have WAN routers, well that can be your ISN!  Just carve out a separate VRF on it and connect everything together.  You'll need to support jumbo MTU between the sites (>1600b) and few other considerations, but most platforms will support what a Multisite ISN requires.  Multisite also handles all the policy stretching and consistency between your fabrics which saves you having to manually stitch policies together (very messy).  

Robert

View solution in original post

4 Replies 4

Go to solution
RedNectar
VIP
VIP

‎06-07-2023 02:46 PM - edited ‎06-07-2023 10:08 PM

Hi @JPC11 ,

To deploy two ACI fabrics in a "back-to-back" configuration, the Spines at each site need to form OSPF adjacencies with each other. This means you need L2 connectivity between the sites - dark fibre is the best option

If you want to put a router in the picture, you'll have to make that router provide some kind of L2 service between the sites - a L2 EVPN.

Probably easier to create an IPN! [Edit](Oops - I mean ISN. Same animal, different spelling)[/Edit]

RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.

Go to solution
JPC11
Level 1
Level 1
In response to RedNectar

‎06-12-2023 12:29 AM

Thank you both for your help here.  I did reply via email last week but I have just noticed that all the text was removed.

Thanks again for taking the time to help.

0 Helpful

Go to solution
Robert Burns
Cisco Employee
Cisco Employee

‎06-07-2023 09:54 PM

I will whole heartidly agree with Chris that you should also try to build a proper ISN.  You mentioned separate fabrics, so this would imply Multisite.  Though B2B is a supported topology, you're limited to 2 sites and you lose the ability to ever expand to the public cloud (GCP/AWS/Azure).  Even if you don't plan on expanding like this today, I'd recommend not painting yourself into a corner by doing B2B.  You mention you already have WAN routers, well that can be your ISN!  Just carve out a separate VRF on it and connect everything together.  You'll need to support jumbo MTU between the sites (>1600b) and few other considerations, but most platforms will support what a Multisite ISN requires.  Multisite also handles all the policy stretching and consistency between your fabrics which saves you having to manually stitch policies together (very messy).  

Robert

Go to solution
JPC11
Level 1
Level 1

‎06-10-2023 03:11 AM






0 Helpful
Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License