In the middle of an expressroute deployment that is a little different from your standard microsoft example configs, we are treating azure cloud as a DMZ and terminating it onto a palo alto, but i have ran into some pitfalls.
- Azure ExpressRoute uses QinQ natively.
- PALO ALTO does not support QinQ natively...
- have a switch @ the datacenter that i was hoping to land ExpressRoute on and then tag the (c) tags down to the palo alto.
- 2960XR im finding conflicting information, some forum posts say the 2960XR supports traditional QinQ but not selective, and im having a hard time understanding if i need strictly traditionally or if i need selective ? (first time using QinQ)
- basic diagram of what i am trying to achieve
CURRENTLY I am running this UNTAGGED with a single C-VLAN rolling across which makes this circuit up and operational, but we don't get the IP SLA 99.99995 support from microsoft that management wants. Has anyone in this community ever setup QinQ on a 2960XR series ? Everything im reading online says this needs to land on our ASR but we are treating Azure as a DMZ instance so that complicates our configuration, and to top it off we are out of ports on our ASR at the data center.
No comments:
Post a Comment