EMAIL SUPPORT
dclessons@dclessons.comLOCATION
USACI Multi-Site Intersite L3Out
Multi-Site Intersite L3Out
Cisco ACI Intersite L3Out functions is supported on ACI release 4.2(1) with MSO release 2.2(1) onwards.
If any enterprise have requirement such that Endpoint at site 1 want to communicate to External resources at Site via Site 2 L3out, then in that case Intersite L3out function can be useful.
Below are some use case defined where Intersite L3Out functionality can be very much used.
Refer figure describes Endoint to Remote L3Out communication (Intra/Inter VRF)
Refer figure describes Intersite transit routing (Intra/Inter VRF)
The above figure describes, when intersite L3out is enabled , Endpoints connected to specific sites will be able to communicate with external network entities like WAN , Mainframes, Service nodes, deployed in separate side via remote L3Out Connection ( both via Intra VRF or Inter VRF)
Intersite L3Out Guidelines
- If you are using ACI release 5.0(1), you need to follow below guideline while designing Intersite L3Out.
- For ACI Sites, minimum ACI release for Intersite L3Out communication is ACI 4.2(1)
- In-Order to support use cases described in above section figure, Designer must use ACI release 4.2(2) or later
- Intersite L3Out is only supported on Border leaf L3Outs and not on GOLF L3Outs.
- When we deploy Multi-Site with Remote Leaf, Intersite L3Out is not supported.
- CloudSec traffic encryption is not supported over Intersite L3Out.
Intersite Control & Data Plane
If we are planning to deploy Intersite L3out, it is mandatory to deploy separate TEP pool referred as external TEP Pool (Other from INFRA TEP Pool) for each Site who are part of ACI Multi—Site Architecture. The Configuration and management of External TEP pool will be done from MSO only.
Once External TEP pool is assigned, MSO will assigned a dedicate External TEP IP address to each Border Leaf ,doing so a dedicated leaf to leaf VXLAN Tunnel will be created and communication between endpoint in a site and external resources via L3Out connection happens.
Comment
TABLE OF CONTENTS
- ACI Initial Fabric Configuration
- ACI Configure Tenant VRF & Bridge Domain
- ACI Configure Filters and Contracts
- ACI Configure Three-Tier Application Profile
- ACI Configure Baseline Interface Policies
- ACI Integration with VMWARE
- ACI Inter Tenant Connectivity
- ACI Extend Bridge Domain by External Layer 2 Connection
- ACI External Network Connectivity to External Switch via Trunk
- ACI Static Routing for External Layer 3 Connectivity
- ACI OSPF Routing for External Layer 3 Connectivity
- ACI EIGRP Routing for External Layer 3 Connectivity
- ACI EBGP Routing for External Layer 3 Connectivity
- IPN Configuration
- ACI Multipod Overview
- ACI Multi-Pod Building Control Plane
- ACI Multi-Pod Data Traffic Flow
- Multi-Pod Connectivity via External L3
- Host Tracking Subnet Check & Limit IP Learning
- Service Graph Introduction
- BD VRF & EPG Design consideration – Service Chaining
- IP Routing & VRF Design Consideration – Service Chaining
- L3Out for Routing to L4-L7 Devices
- Routed Mode ( Go-To mode ) for L4-L7 Appliance
- Transparent & One ARM mode for L4-L7 Appliance
- Policy Based Redirect in ACI
RECENT POSTS
- What is Docker and Why is It Important?
- Learn Python 3.0 Programming for Network Automation
- Cisco ACI Data Centre: A Comprehensive Overview
- How to Prepare for the Microsoft Azure AZ-305 Exam
- AWS Training Certification Course for Solutions Architect
- Cisco SASE Architecture
- SASE vs SD-WAN
- What is SASE
- Accessing Amazon S3 using AWS private Link in Secure hybrid method.
- Cisco Smart Licensing Policy
LEAVE A COMMENT
Please login here to comment.