Белая книга для Cisco Cisco Nexus 5010 Switch
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 17 of 75
Dynamic Routing Peering between the Fabric and the Standalone Firewall
When you run the dynamic routing protocol, the anycast-gateway fabric forwarding mode can not be used on the
SVI and BDI for VLAN 200. The fabric will receive the routing reachability information for protected networks from
the firewall through Open Shortest Path First (OSPF). Instead of redistributing static routes, you need to configure
the new route map that redistributes dynamically learned routes. Incremental configurations needed to establish
dynamic routing between the fabric and the firewall are shown here. Configuration 2a and Configuration 2b show
the baseline configurations.
Configuration 4a: IPVLAN-Based Leaf Switch
router ospf FW-TO-FABRIC-OSPF
## define OSPF routing process
vrf ORG1:PART1
## specify a particular VRF, for which the routing peering is needed
router-id 12.12.12.12
route-map ospfMap permit 10
interface Vlan200
## interface, used for Layer-3 peering with fabric.
vrf member VRF-A
ip address 10.10.200.1/24 tag 12345
ip router ospf FW-TO-FABRIC-OSPF area 0
router bgp 65000
vrf VRF-A
address-family ipv4 unicast
redistribute ospf route-map ospfMap
Configuration 4b: IPBD-Based Leaf Switch
router ospf FW-TO-FABRIC-OSPF
## define OSPF routing process
vrf ORG1:PART1
## specify a particular VRF, for which the routing peering is needed
router-id 12.12.12.12
route-map ospfMap permit 10
interface Bdi1501
## interface, used for Layer-3 peering with fabric.
vrf member VRF-A
ip address 10.10.200.1/24 tag 12345
ip router ospf FW-TO-FABRIC-OSPF area 0
router bgp 65000
vrf VRF-A
address-family ipv4 unicast
redistribute ospf route-map ospfMap