Cisco Public
Cisco SD-Access for Large Enterprise and Government
Contents
AuthorsExecutive SummaryChallenges and RequirementsSegmentationScaleConsistencyBYODAir GapIT as a Business (ITaaB)Managed Service ProvidersHow Cisco SD-Access R...
You could create several L3VN in SDA fabric with different VLAN IDs, trunk all those VLANs to 2960X, then assign different VLANs to different 2960X ports, see my rough diagram below. To Andy's point the 2960X is not automated by SDA, so there will be...
Hi Andy, agree that SGT can sill be dynamically assigned by ISE for endpoint connected to 2960X, thus populating ISE session table with IP:SGT for the endpoint, and then that IP:SGT pair can be advertised to FW or Border Node (over SXP or pxGrid). Th...
"Intermediate Node" is SDA nomencalture for "an L3 switch that is not part of the SDA fabric". An IN is not running LISP and is not encapsulating/decapsulating VXLAN, it is just routing packets between Fabric Nodes. So, yes, it would pass traffic bet...
There is also "Layer 2 Virtual Network" in SD-Access 2.3.5 and later. The L2VN is like one big VLAN with no default gateway inside the SD-Access Fabric.
Chain of C9K or IE Extended Nodes is supported. HOWEVER, when we added support for EX chain, 3560-CX was EOS (End of Sale), thus it's not supported to chain 3560-CX Extended Nodes. When we add feature support to SDA, we test the feature internally ag...