We proposed a standard setup for a LAN to one of our customers, where the servers are connected access switches (3500 series), and the access switches are dually homed to two 6513 distribution switches. The two 6513 are connected together via etherchannel, and each 6513 switch has MSFC, SSL Module and CSM module. Each 6513 is also connected to a Netscreen firewall.
The etherchannel between the two distribution switches is trunked and we use to transport L2 and L3 traffic, and we use HSRP as well. So, basically its standard setup.
But the customer wants to use the etherchannel between the two distribution switches as pure L3, so he wants us to remove the trunking and create a new VLAN to interconnect the two distribution switches, and we use IGP only between the switches.
For any traffic that should use L2 and need to go between the two distribution switches, like HSRP packets it should go through the access switches instead of going directly between the two distribution switches.
1) Does the customer request meet Cisco best practice?
2) If not, does our solution can be considered as the best practice?
3) What are the problems in the customer request?
4) Having the two firewalls in active/active mode or active/standby mode, and having CSM in active/active mode or active/standby mode, either way, will that make the customer request valid?
5) One of the customer arguments for using L3 was that the OSPF convergence time is better than STP convergence time Is that a valid argument
Topology & Design:
Two ACI fabrics
Stretching VLANs using OTV
Both fabrics are advertising BD subnets into same routing domain
Some BDs(or say VLANs) are stretched, but some are not.
Endpoints can move betwee...
VMware Trunk Port Group is supported from ACI version 2.1
VMM integration must be configured properly
ASA device package must be uploaded to APIC
ASAv version must be compatible with ACI and device package version
Topology &Design:Traffic flow within same fabric:Endpoint moves to Fabric-2Bounce Entry Times OutTraffic Black-holedSummarySolutionAppendix:
In the Previous articles of ACI Automation, we are using Postman/Newman a...