How is server traffic routed between tiered ACE and ASA?
I have two-tier application services in the data center, as follows:
Internet -- ASA outside FW -- ACE for front end web servers -- ASA inside FW -- ACE for back end servers
The design is that the outside FW filters Internet access to the front end web servers, and the inside FW filters traffic from the front end servers to the back end servers. My question is: for each tier of servers, should their default gateway be on the respective ASA FW or on the ACE load balancer?
The default gateway can be on ASA or ACE. If it is on ASA, you would need to NAT the traffic so that return traffic also goes through the ACE or you will have asymmetric routing. If ACE is the DGW, you don't need NAT. Some useful links for design:
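The trade-off described in the answer above, modelled as an added example that is not part of the original thread. The addresses, and the assumption that the ASA, the ACE and the servers share one server VLAN, are constructed for illustration.

```python
import ipaddress

# Constructed addressing for illustration; none of it comes from the original post.
SERVER_NET = ipaddress.ip_network("10.1.1.0/24")   # front-end server VLAN (assumed shared)
ASA_IP = ipaddress.ip_address("10.1.1.1")          # ASA interface on that VLAN
ACE_IP = ipaddress.ip_address("10.1.1.2")          # ACE interface on that VLAN
ACE_SNAT_IP = ipaddress.ip_address("10.1.1.10")    # ACE source-NAT pool address
VIP = ipaddress.ip_address("10.1.1.100")           # virtual IP the client connects to
REAL = ipaddress.ip_address("10.1.1.21")           # real server behind the VIP
CLIENT = ipaddress.ip_address("198.51.100.7")      # Internet client


def forward(source_nat):
    """Packet as it arrives at the real server after the ACE load-balances it."""
    src = ACE_SNAT_IP if source_nat else CLIENT     # optional source NAT on the ACE
    return {"src": src, "dst": REAL}                # VIP already rewritten to the real server


def return_next_hop(pkt, default_gw):
    """First hop the server picks for its reply: on-link if possible, else the gateway."""
    reply_dst = pkt["src"]
    if reply_dst in SERVER_NET:
        # The ACE owns its NAT pool address, so on-link delivery lands on the ACE.
        return ACE_IP if reply_dst == ACE_SNAT_IP else reply_dst
    return default_gw


def evaluate(default_gw, source_nat):
    """Return (symmetric, source address on the reply as it leaves the server VLAN)."""
    hop = return_next_hop(forward(source_nat), default_gw)
    via_ace = hop == ACE_IP
    # Only the ACE holds the connection entry that rewrites REAL back to VIP.
    reply_src = VIP if via_ace else REAL
    return via_ace, reply_src


def report():
    """Evaluate all four combinations of default gateway and ACE source NAT."""
    rows = []
    for gw_name, gw in (("ASA", ASA_IP), ("ACE", ACE_IP)):
        for snat in (False, True):
            symmetric, reply_src = evaluate(gw, snat)
            rows.append((gw_name, snat, symmetric, str(reply_src)))
    return rows


if __name__ == "__main__":
    for gw_name, snat, symmetric, reply_src in report():
        state = "symmetric" if symmetric else "ASYMMETRIC (reply bypasses ACE)"
        print(f"gateway={gw_name:3} source_nat={snat!s:5} reply_src={reply_src:13} {state}")
```

Only the combination of ASA as default gateway without source NAT sends the reply around the ACE; in that case the reply carries the real server's address instead of the VIP, so a stateful firewall tracking the client-to-VIP connection has no matching flow for it.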