Cisco Cisco Nexus 5010 Switch Livre blanc
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 56 of 75
Complex Deployment Scenarios
Often high-performance firewalls in routed mode combine two functions in one: tenant-edge firewall and east-west
firewall. This approach allows the firewall both to present itself as a default gateway for a certain number of specific
subnets and to enforce security policies for traffic forwarded between VRF instances, all in one firewall context
(Figure 24).
Figure 24. Logical Diagram Showing a Single Tenant-Edge Firewall Acting as a Default Gateway for Subnets F1 and F2 as
Well as Enforcing Security Policies between VRF A, VRF B, and VRF EXT