Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2682
Views
0
Helpful
3
Replies

OTV with paired stateful firewalls - avoiding asymmetric routing

8c-stone
Level 1
Level 1

‎05-12-2011 09:05 AM - edited ‎03-01-2019 06:56 AM

Hi,

I cant find a quick answer on this one, but if I deploy OTV in a dual L3 DataCentre deployment, does the return traffic follow the OTV path, or take it's own Routing table next-hop...? I need to extend L2 as an interim measure, prior to application re-development to enable L3 support (well likely more like application team convincing than app redevelopment...) But need to ensure that the return path is same as the incoming, without NAT.

Thanks

2 people had this problem
Labels:
0 Helpful
3 Replies 3

mohammedrafiq
Level 1
Level 1

‎05-20-2011 06:39 AM

Hi,

Here is my thoughts,

When you configuring OTV between datacenters over Daul WAN links, then you need to use sepreate WAN device or create WAN VDC.so do you care which one is the return path there, its only matter when it enters into your LAN Nexus or LAN VDC(where your FW will be connected) through site local VLAN.Now here you can configure multiple links between LAN and WAN device or VDC's as portchannel in vPC to keep your traffic symmerical.

Hope its make sense.

Regards,

0 Helpful

8c-stone
Level 1
Level 1
In response to mohammedrafiq

‎05-23-2011 02:55 AM

Thanks for the reply. I dont think that it does answer my question, however I have now read an article on OTV with LISP which I believe answers it entirely...

I now need to find out if LISP is supported in current NX-OS.

Thanks, Carl

0 Helpful

pvinci
Level 4
Level 4
In response to 8c-stone

‎08-10-2012 12:49 PM

LISP is supported and licensed along with OTV on the N7K.

With OTV, you use FHRP filtering to address the egress traffic and then you can use LISP to address the ingress traffic. Otherwise, you will experience the classical "trombone routing" associated with stretched vlans.

If you have any questions, let me know.

Regards,

Paul

http://vinciconsulting.com/vxnet

0 Helpful
Customers Also Viewed These Support Documents