Cisco Cisco Nexus 5010 Switch Libro bianco
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 30 of 75
maximum-paths ibgp 2
evpn
vni 30101 l2
evpn
vni 30101 l2
## enabling bgp evpn control plane for host reachability for L2 VNI 30101
rd auto
route-target import auto
route-target export auto
vni 30102 l2
route-target import auto
route-target export auto
vni 30102 l2
## enabling bgp evpn control plane for host reachability for L2 VNI 30102
rd auto
route-target import auto
route-target export auto
vni 30301 l2
route-target import auto
route-target export auto
vni 30301 l2
## enabling bgp evpn control plane for host reachability for L2 VNI 30301
rd auto
route-target import auto
route-target export auto
vni 30302 l2
route-target import auto
route-target export auto
vni 30302 l2
## enabling bgp evpn control plane for host reachability for L2 VNI 30302
rd auto
route-target import auto
route-target export auto
Active-Standby Failover East-West Firewalls in Transparent Mode
), firewalls configured
in single-attached mode will lead to suboptimal forwarding (Figure 16). Border leaf 2 is configured with the SVI and
BDI in anycast-gateway mode and hence attracts traffic directed to protected subnets, but it is also attached to the
standby firewall, which is dormant in the normal operational state. Upon receipt of traffic to protected subnets,
border leaf 2 will route traffic to border leaf 1 through the fabric to reach protected subnets.
Figure 16. Suboptimal Forwarding in Scenario with Active-Standby Failover East-West Firewalls with Individual Port-Channel
Connectivity to Leaf Nodes