EMAIL SUPPORT
dclessons@dclessons.comLOCATION
AFExternal L3 Network Connectivity in ACI
External L3 Network Connectivity in ACI
An L3Out is a logical connection that is established between one or more pair of ACI leaf nodes (named border leaf switches) and WAN edge routers. Each VRF deployed inside the fabric can use those L3Out connections for establishing VRF-Lite connectivity with external routers. Alternatively, if all the bridge domains (or VRFs) defined inside the ACI fabric must have access to a common external routing domain, it is possible to define a single L3Out connection that all those entities share and usually define as part of the common tenant.
The routing information that is learned from the external network domain on the L3Outs connections is redistributed inside the ACI fabric by the border leaf switches. The control plane that is used for this function is MP-BGP; using the VPNv4/v6 address-family for sending external routing information to all leaf nodes, for each defined VRF. In a traditional single pod ACI deployment, a pair of spine switches is designated as MP-BGP VPNv4/v6 route reflectors. This designation is so that all the leaf nodes deployed in the fabric peer with the route reflectors to receive external routing information from the border leaf switches.
In a Cisco ACI Multi-Pod fabric, a pair of route reflectors is defined in each pod to perform this route reflector functionality internally to the pod that they belong to, as shown in the figure bellow. Then, MP-BGP between spine switches in each pod allows to exchange those L3Out routes with each pod.
If the same L3Out route is learned from multiple L3Outs in different pods, endpoints deployed in a given pod would always use the local L3Out connection (lower routing metric to local border leaf switches) to send traffic to the L3Out route.
If all border leaf nodes that are deployed inside a certain pod fail, or in WAN failure scenarios in a certain pod, endpoints can still continue to communicate with the external Layer 3 domain, using the L3Out in remote pods.
When a certain pod loses its connection to the WAN, or in scenarios where a specific pod does not have a WAN connection, it can load-balance traffic on a per-flow basis using the L3Out connections available in other remote pods. By default, the leaf nodes in this pod have ECMP routes for the L3Out routes from remote pods pointing to the TEP of border leaf switches each remote pod.
Comment
TABLE OF CONTENTS
RECENT POSTS
- Cisco UCS Solutions — Unified Computing Knowledge
- Navigating the SD-WAN Revolution: Insights for Modern Network Architects
- Cisco Data Center Career: Getting Started with Nexus Training
- Lock Down Your Networks in a Digital World: The Ultimate Guide to Learning Mastering Cisco Identity Services Engine (ISE)
- How to Become an AWS Solution Architect — Your Ultimate Guide to Cloud Mastery
- The Docker Training Course Outline - Your Guide to Becoming a Docker Expert
- Develop Next-Level Azure Networking Skills with AZ-700 Training
- Reasons to Choose DClessons for Your SD-WAN Velocloud Training Needs
- Learn to Network: Get More Out Of Cisco ACI and DCACIA with DClessons
- Learn Cisco CCIE Data Center, Certified data center professional with DClessons in Data Center Technologies
LEAVE A COMMENT
Please login here to comment.