I have been assigned the following challenge: a customer wants to build 2 datacenters and connect these to a L3 backbone. I have attached a (very) simplified network diagram.
Challenge: The customer wants to span a L2 domain across both DCs and needs to have an Active/Active firewall. This in turn means that the traffic flow needs to be symmetric. Since both firewalls (gateways) and clients in this example are in the same stretched L2 subnet, how do I get the clients in DC1 to primarily use the FW 10.0.0.1 as default gateway, and clients in DC2 to use 10.0.0.254 as default gateway? Of course clients need to use DHCP ;)
Possible solution: See attached diagram. However, this relies on the additional delay of the DCI to assign different default gateways to clients, e.g. a DHCP request from a client in DC 1 will get the quickest response from a DHCP server in DC1, which assigns 10.0.0.1 as default gateway. The DHCP response from DC 2 (which would assign 10.0.0.254 as default gateway) would arrive late and be ignored by the client.
This does not seem like the perfect solution to me, since we are relying on many factors (e.g. delay may change due to other circumstances). Does anybody have other suggestions?
Thanks for your reply! Blocking DHCP on the DCI is a good idea...it should have the result I am looking for. The first hop will need to be the Firewall though, since we have the networks assigned to different security zones. Not the optimum regarding performance, but it will be the more secure approach. I am aware that in a failover scenario e.g. data from DC2 destined for another network in DC2 will traverse the DCI to get routed.