![]() ![]() There is not layer two connectivity between locations, and the cost of deploying such a P2P link would be cost prohibitive due to the requirement for an annual contract, diverse paths, etc. The servers are running on internet-routable addresses, are dual-stack IPv4/IPv6, and both locations have full table BGP peering using unique ASNs. This post will be a work in progress while working through a data center migration without re-addressing systems, and without service interruption to public-facing services. LACP/LAG/MLAG/MC-LAG/port-channel or whatever your preferred vendor calls them) FortiGate VXLAN encapsulation functionality cannot involve aggregate interfaces (e.g.FortiGate tunnel interfaces doing VXLAN encapsulation cannot offload IPSec to hardware NPU, so throughput may hit an upper limit even if you don’t have MTU problems.Be very careful – your resulting config may be passing flood-based routing protocol packets, spanning tree BPDU’s, and any other broadcast / layer two things occurring on your network.Here’s some highlights if you don’t feel like reading: ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |